diff options
Diffstat (limited to 'source3/smbd')
| -rw-r--r-- | source3/smbd/posix_acls.c | 4 | ||||
| -rw-r--r-- | source3/smbd/sesssetup.c | 8 |
2 files changed, 10 insertions, 2 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 158f1a0ede..584164e930 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -2110,8 +2110,10 @@ static canon_ace *canonicalise_acl( files_struct *fsp, SMB_ACL_T posix_acl, SMB_ * entries out of the blue when setting ACLs, so a get/set * cycle will drop them. */ - if (the_acl_type == SMB_ACL_TYPE_ACCESS && *puid == psbuf->st_uid) + if (the_acl_type == SMB_ACL_TYPE_ACCESS && *puid == psbuf->st_uid) { + SMB_VFS_SYS_ACL_FREE_QUALIFIER(conn, (void *)puid,tagtype); continue; + } uid_to_sid( &sid, *puid); unix_ug.uid = *puid; owner_type = UID_ACE; diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 902db2d288..8a56478929 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -150,7 +150,7 @@ static int reply_spnego_kerberos(connection_struct *conn, DATA_BLOB auth_data; DATA_BLOB ap_rep, ap_rep_wrapped, response; auth_serversupplied_info *server_info = NULL; - DATA_BLOB session_key; + DATA_BLOB session_key = data_blob(NULL, 0); uint8 tok_id[2]; BOOL foreign = False; DATA_BLOB nullblob = data_blob(NULL, 0); @@ -183,6 +183,7 @@ static int reply_spnego_kerberos(connection_struct *conn, if (!p) { DEBUG(3,("Doesn't look like a valid principal\n")); data_blob_free(&ap_rep); + data_blob_free(&session_key); SAFE_FREE(client); return ERROR_NT(NT_STATUS_LOGON_FAILURE); } @@ -192,6 +193,7 @@ static int reply_spnego_kerberos(connection_struct *conn, DEBUG(3,("Ticket for foreign realm %s@%s\n", client, p+1)); if (!lp_allow_trusted_domains()) { data_blob_free(&ap_rep); + data_blob_free(&session_key); SAFE_FREE(client); return ERROR_NT(NT_STATUS_LOGON_FAILURE); } @@ -249,6 +251,7 @@ static int reply_spnego_kerberos(connection_struct *conn, SAFE_FREE(user); SAFE_FREE(client); data_blob_free(&ap_rep); + data_blob_free(&session_key); return ERROR_NT(NT_STATUS_LOGON_FAILURE); } @@ -263,6 +266,7 @@ static int reply_spnego_kerberos(connection_struct *conn, SAFE_FREE(user); SAFE_FREE(client); data_blob_free(&ap_rep); + data_blob_free(&session_key); return ERROR_NT(ret); } @@ -274,6 +278,8 @@ static int reply_spnego_kerberos(connection_struct *conn, } /* register_vuid keeps the server info */ + /* register_vuid takes ownership of session_key, no need to free after this. + A better interface would copy it.... */ sess_vuid = register_vuid(server_info, session_key, nullblob, client); SAFE_FREE(user); |