summaryrefslogtreecommitdiff
path: root/source3/libsmb
diff options
context:
space:
mode:
Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/cli_lsarpc.c28
-rw-r--r--source3/libsmb/clientgen.c4
-rw-r--r--source3/libsmb/clisecdesc.c39
-rw-r--r--source3/libsmb/clitrans.c7
4 files changed, 59 insertions, 19 deletions
diff --git a/source3/libsmb/cli_lsarpc.c b/source3/libsmb/cli_lsarpc.c
index 4199ab2648..60fab75cca 100644
--- a/source3/libsmb/cli_lsarpc.c
+++ b/source3/libsmb/cli_lsarpc.c
@@ -109,12 +109,16 @@ uint32 cli_lsa_open_policy(struct cli_state *cli, BOOL sec_qos,
if (!lsa_io_q_open_pol("", &q, &qbuf, 0) ||
!rpc_api_pipe_req(cli, LSA_OPENPOLICY, &qbuf, &rbuf)) {
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
return NT_STATUS_UNSUCCESSFUL;
}
/* Unmarshall response */
if (!lsa_io_r_open_pol("", &r, &rbuf, 0)) {
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -126,6 +130,8 @@ uint32 cli_lsa_open_policy(struct cli_state *cli, BOOL sec_qos,
*hnd = r.pol;
}
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
return result;
}
@@ -152,12 +158,16 @@ uint32 cli_lsa_close(struct cli_state *cli, POLICY_HND *hnd)
if (!lsa_io_q_close("", &q, &qbuf, 0) ||
!rpc_api_pipe_req(cli, LSA_CLOSE, &qbuf, &rbuf)) {
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
return NT_STATUS_UNSUCCESSFUL;
}
/* Unmarshall response */
if (!lsa_io_r_close("", &r, &rbuf, 0)) {
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -169,6 +179,8 @@ uint32 cli_lsa_close(struct cli_state *cli, POLICY_HND *hnd)
*hnd = r.pol;
}
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
return result;
}
@@ -200,6 +212,8 @@ uint32 cli_lsa_lookup_sids(struct cli_state *cli, POLICY_HND *hnd,
if (!lsa_io_q_lookup_sids("", &q, &qbuf, 0) ||
!rpc_api_pipe_req(cli, LSA_LOOKUPSIDS, &qbuf, &rbuf)) {
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -212,6 +226,8 @@ uint32 cli_lsa_lookup_sids(struct cli_state *cli, POLICY_HND *hnd,
r.names = &t_names;
if (!lsa_io_r_lookup_sids("", &r, &rbuf, 0)) {
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -271,6 +287,9 @@ uint32 cli_lsa_lookup_sids(struct cli_state *cli, POLICY_HND *hnd,
}
done:
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
+
return result;
}
@@ -301,6 +320,8 @@ uint32 cli_lsa_lookup_names(struct cli_state *cli, POLICY_HND *hnd,
if (!lsa_io_q_lookup_names("", &q, &qbuf, 0) ||
!rpc_api_pipe_req(cli, LSA_LOOKUPNAMES, &qbuf, &rbuf)) {
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -309,7 +330,9 @@ uint32 cli_lsa_lookup_names(struct cli_state *cli, POLICY_HND *hnd,
ZERO_STRUCT(ref);
r.dom_ref = &ref;
- if (!lsa_io_r_lookup_names(cli->mem_ctx, "", &r, &rbuf, 0)) {
+ if (!lsa_io_r_lookup_names("", &r, &rbuf, 0)) {
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -366,5 +389,8 @@ uint32 cli_lsa_lookup_names(struct cli_state *cli, POLICY_HND *hnd,
}
done:
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
+
return result;
}
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 8d9e2f034f..1938049806 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -209,13 +209,13 @@ struct cli_state *cli_initialise(struct cli_state *cli)
cli->inbuf = (char *)malloc(cli->bufsize);
if (!cli->outbuf || !cli->inbuf)
{
- return False;
+ return NULL;
}
if ((cli->mem_ctx = talloc_init()) == NULL) {
free(cli->outbuf);
free(cli->inbuf);
- return False;
+ return NULL;
}
memset(cli->outbuf, '\0', cli->bufsize);
diff --git a/source3/libsmb/clisecdesc.c b/source3/libsmb/clisecdesc.c
index b56e1ea688..d53b3073b2 100644
--- a/source3/libsmb/clisecdesc.c
+++ b/source3/libsmb/clisecdesc.c
@@ -36,7 +36,6 @@ SEC_DESC *cli_query_secdesc(struct cli_state *cli,int fd)
TALLOC_CTX *mem_ctx;
prs_struct pd;
SEC_DESC *psd = NULL;
- SEC_DESC *ret;
SIVAL(param, 0, fd);
SSVAL(param, 4, 0x7);
@@ -48,7 +47,7 @@ SEC_DESC *cli_query_secdesc(struct cli_state *cli,int fd)
param, 8, 4,
NULL, 0, 0x10000)) {
DEBUG(1,("Failed to send NT_TRANSACT_QUERY_SECURITY_DESC\n"));
- return NULL;
+ goto cleanup;
}
@@ -56,12 +55,12 @@ SEC_DESC *cli_query_secdesc(struct cli_state *cli,int fd)
&rparam, &rparam_count,
&rdata, &rdata_count)) {
DEBUG(1,("Failed to recv NT_TRANSACT_QUERY_SECURITY_DESC\n"));
- return NULL;
+ goto cleanup;
}
if ((mem_ctx = talloc_init()) == NULL) {
DEBUG(0,("talloc_init failed.\n"));
- return NULL;
+ goto cleanup;
}
prs_init(&pd, rdata_count, 4, mem_ctx, UNMARSHALL);
@@ -70,13 +69,17 @@ SEC_DESC *cli_query_secdesc(struct cli_state *cli,int fd)
if (!sec_io_desc("sd data", &psd, &pd, 1)) {
DEBUG(1,("Failed to parse secdesc\n"));
- talloc_destroy(mem_ctx);
- return NULL;
+ goto cleanup;
}
- ret = dup_sec_desc(psd);
+ cleanup:
+
talloc_destroy(mem_ctx);
- return ret;
+ safe_free(rparam);
+ safe_free(rdata);
+
+ prs_mem_free(&pd);
+ return psd;
}
@@ -92,10 +95,11 @@ BOOL cli_set_secdesc(struct cli_state *cli,int fd, SEC_DESC *sd)
int rparam_count=0, rdata_count=0;
TALLOC_CTX *mem_ctx;
prs_struct pd;
+ BOOL ret = False;
if ((mem_ctx = talloc_init()) == NULL) {
DEBUG(0,("talloc_init failed.\n"));
- return False;
+ goto cleanup;
}
prs_init(&pd, 0, 4, mem_ctx, MARSHALL);
@@ -103,7 +107,7 @@ BOOL cli_set_secdesc(struct cli_state *cli,int fd, SEC_DESC *sd)
if (!sec_io_desc("sd data", &sd, &pd, 1)) {
DEBUG(1,("Failed to marshall secdesc\n"));
- return False;
+ goto cleanup;
}
SIVAL(param, 0, fd);
@@ -116,7 +120,7 @@ BOOL cli_set_secdesc(struct cli_state *cli,int fd, SEC_DESC *sd)
param, 8, 0,
pd.data_p, pd.data_offset, 0)) {
DEBUG(1,("Failed to send NT_TRANSACT_SET_SECURITY_DESC\n"));
- return False;
+ goto cleanup;
}
@@ -124,14 +128,19 @@ BOOL cli_set_secdesc(struct cli_state *cli,int fd, SEC_DESC *sd)
&rparam, &rparam_count,
&rdata, &rdata_count)) {
DEBUG(1,("NT_TRANSACT_SET_SECURITY_DESC failed\n"));
- return False;
+ goto cleanup;
}
- if (rparam) free(rparam);
- if (rdata) free(rdata);
+ ret = True;
+
+ cleanup:
+
+ safe_free(rparam);
+ safe_free(rdata);
talloc_destroy(mem_ctx);
- return True;
+ prs_mem_free(&pd);
+ return ret;
}
diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c
index 50ed68ee16..5cd6ae30ce 100644
--- a/source3/libsmb/clitrans.c
+++ b/source3/libsmb/clitrans.c
@@ -170,8 +170,13 @@ BOOL cli_receive_trans(struct cli_state *cli,int trans,
if (cli_error(cli, &eclass, &ecode, NULL))
{
- if(cli->nt_pipe_fnum == 0 || !(eclass == ERRDOS && ecode == ERRmoredata))
+ if(cli->nt_pipe_fnum == 0)
return(False);
+
+ if(!(eclass == ERRDOS && ecode == ERRmoredata)) {
+ if (eclass != 0 && (ecode != (0x80000000 | STATUS_BUFFER_OVERFLOW)))
+ return(False);
+ }
}
/* parse out the lengths */