From b213b35e08cb53eec47ceae87a52d3b0832a5914 Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Thu, 3 May 2007 12:29:32 +0000
Subject: r22647: Avoid leaking a full info3 structure on each winbindd cached
 login by making netsamlogon_cache_get() return a talloc'ed structure.

Guenther
(This used to be commit 5b149967cc3ab68057db015e67b688c9b9577f0d)
---
 source3/libsmb/samlogon_cache.c  | 10 ++++++----
 source3/nsswitch/winbindd_rpc.c  |  2 +-
 source3/nsswitch/winbindd_util.c |  8 ++++----
 3 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/source3/libsmb/samlogon_cache.c b/source3/libsmb/samlogon_cache.c
index 3edbbaa2c1..0791cd80e4 100644
--- a/source3/libsmb/samlogon_cache.c
+++ b/source3/libsmb/samlogon_cache.c
@@ -192,10 +192,13 @@ NET_USER_INFO_3* netsamlogon_cache_get( TALLOC_CTX *mem_ctx, const DOM_SID *user
 	data = tdb_fetch_bystring( netsamlogon_tdb, keystr );
 	
 	if ( data.dptr ) {
-		
-		if ( (user = SMB_MALLOC_P(NET_USER_INFO_3)) == NULL )
+
+
+		user = TALLOC_ZERO_P(mem_ctx, NET_USER_INFO_3);
+		if (user == NULL) {
 			return NULL;
-			
+		}
+
 		prs_init( &ps, 0, mem_ctx, UNMARSHALL );
 		prs_give_memory( &ps, (char *)data.dptr, data.dsize, True );
 		
@@ -247,7 +250,6 @@ BOOL netsamlogon_cache_have(const DOM_SID *user_sid)
 	result = (user != NULL);
 
 	talloc_destroy(mem_ctx);
-	SAFE_FREE(user);
 
 	return result;
 }
diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c
index 4432676414..f408e1e15e 100644
--- a/source3/nsswitch/winbindd_rpc.c
+++ b/source3/nsswitch/winbindd_rpc.c
@@ -422,7 +422,7 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
 		user_info->shell = NULL;
 		user_info->primary_gid = (gid_t)-1;
 						
-		SAFE_FREE(user);
+		TALLOC_FREE(user);
 				
 		return NT_STATUS_OK;
 	}
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index 67f00e99bd..d8d7249c2d 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -984,7 +984,7 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
 	}
 
 	if (info3->num_groups == 0) {
-		SAFE_FREE(info3);
+		TALLOC_FREE(info3);
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 	
@@ -992,7 +992,7 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
 	sid_compose(&primary_group, &info3->dom_sid.sid, info3->user_rid);
 	
 	if (!add_sid_to_array(mem_ctx, &primary_group, user_sids, &num_groups)) {
-		SAFE_FREE(info3);
+		TALLOC_FREE(info3);
 		return NT_STATUS_NO_MEMORY;
 	}
 
@@ -1002,12 +1002,12 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
 
 		if (!add_sid_to_array(mem_ctx, &group_sid, user_sids,
 				 &num_groups)) {
-			SAFE_FREE(info3);
+			TALLOC_FREE(info3);
 			return NT_STATUS_NO_MEMORY;
 		}
 	}
 
-	SAFE_FREE(info3);
+	TALLOC_FREE(info3);
 	*p_num_groups = num_groups;
 	status = (user_sids != NULL) ? NT_STATUS_OK : NT_STATUS_NO_MEMORY;
 	
-- 
cgit