summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/rpc_misc.h12
-rw-r--r--source3/libsmb/cli_lsarpc.c16
-rw-r--r--source3/libsmb/cli_samr.c18
3 files changed, 45 insertions, 1 deletions
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h
index 7398b8ac57..e47853c2a2 100644
--- a/source3/include/rpc_misc.h
+++ b/source3/include/rpc_misc.h
@@ -323,6 +323,18 @@ typedef struct lsa_policy_info
uint16 data3;
uint16 data4;
uint8 data5[8];
+
+#ifdef __INSURE__
+
+ /* To prevent the leakage of policy handles mallocate a bit of
+ memory when a policy handle is created and free it when the
+ handle is closed. This should cause Insure to flag an error
+ when policy handles are overwritten or fall out of scope without
+ being freed. */
+
+ char *marker;
+#endif
+
} POLICY_HND;
/*
diff --git a/source3/libsmb/cli_lsarpc.c b/source3/libsmb/cli_lsarpc.c
index 832758df4f..3216854608 100644
--- a/source3/libsmb/cli_lsarpc.c
+++ b/source3/libsmb/cli_lsarpc.c
@@ -99,6 +99,9 @@ NTSTATUS cli_lsa_open_policy(struct cli_state *cli, TALLOC_CTX *mem_ctx,
if (NT_STATUS_IS_OK(result = r.status)) {
*pol = r.pol;
+#ifdef __INSURE__
+ pol->marker = malloc(1);
+#endif
}
done:
@@ -160,6 +163,9 @@ NTSTATUS cli_lsa_open_policy2(struct cli_state *cli, TALLOC_CTX *mem_ctx,
if (NT_STATUS_IS_OK(result = r.status)) {
*pol = r.pol;
+#ifdef __INSURE__
+ pol->marker = (char *)malloc(1);
+#endif
}
done:
@@ -207,6 +213,9 @@ NTSTATUS cli_lsa_close(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/* Return output parameters */
if (NT_STATUS_IS_OK(result = r.status)) {
+#ifdef __INSURE__
+ SAFE_FREE(pol->marker);
+#endif
*pol = r.pol;
}
@@ -1052,7 +1061,10 @@ NTSTATUS cli_lsa_query_secobj(struct cli_state *cli, TALLOC_CTX *mem_ctx,
return result;
}
-/** Fetch a DOMAIN sid. Does complete cli setup / teardown anonymously. */
+#if 0
+
+/** An example of how to use the routines in this file. Fetch a DOMAIN
+ sid. Does complete cli setup / teardown anonymously. */
BOOL fetch_domain_sid( char *domain, char *remote_machine, DOM_SID *psid)
{
@@ -1150,4 +1162,6 @@ Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
return ret;
}
+#endif
+
/** @} **/
diff --git a/source3/libsmb/cli_samr.c b/source3/libsmb/cli_samr.c
index 53203e3d79..85a7375f99 100644
--- a/source3/libsmb/cli_samr.c
+++ b/source3/libsmb/cli_samr.c
@@ -69,6 +69,9 @@ NTSTATUS cli_samr_connect(struct cli_state *cli, TALLOC_CTX *mem_ctx,
if (NT_STATUS_IS_OK(result = r.status)) {
*connect_pol = r.connect_pol;
+#ifdef __INSURE__
+ connect_pol->marker = malloc(1);
+#endif
}
done:
@@ -114,6 +117,9 @@ NTSTATUS cli_samr_close(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/* Return output parameters */
if (NT_STATUS_IS_OK(result = r.status)) {
+#ifdef __INSURE__
+ SAFE_FREE(connect_pol->marker);
+#endif
*connect_pol = r.pol;
}
@@ -162,6 +168,9 @@ NTSTATUS cli_samr_open_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx,
if (NT_STATUS_IS_OK(result = r.status)) {
*domain_pol = r.domain_pol;
+#ifdef __INSURE__
+ domain_pol->marker = malloc(1);
+#endif
}
done:
@@ -209,6 +218,9 @@ NTSTATUS cli_samr_open_user(struct cli_state *cli, TALLOC_CTX *mem_ctx,
if (NT_STATUS_IS_OK(result = r.status)) {
*user_pol = r.user_pol;
+#ifdef __INSURE__
+ user_pol->marker = malloc(1);
+#endif
}
done:
@@ -256,6 +268,9 @@ NTSTATUS cli_samr_open_group(struct cli_state *cli, TALLOC_CTX *mem_ctx,
if (NT_STATUS_IS_OK(result = r.status)) {
*group_pol = r.pol;
+#ifdef __INSURE__
+ group_pol->marker = malloc(1);
+#endif
}
done:
@@ -759,6 +774,9 @@ NTSTATUS cli_samr_open_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx,
if (NT_STATUS_IS_OK(result = r.status)) {
*alias_pol = r.pol;
+#ifdef __INSURE__
+ alias_pol->marker = malloc(1);
+#endif
}
done: