From d68168e63386f900b70b82a7056f6e744cd5d50c Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 12 Oct 2008 04:00:55 +0200 Subject: Cope with the fact that the data blobs returned are now talloc-allocated. Ideally, this memory should be talloc-stolen (and perhaps have DATA_BLOB in the interface everywhere), but that requires some more complex changes so I've just changed it to copy it for now. --- source3/smbd/seal.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c index e9dc46aa3c..18d8b643dd 100644 --- a/source3/smbd/seal.c +++ b/source3/smbd/seal.c @@ -426,9 +426,14 @@ static NTSTATUS srv_enc_spnego_gss_negotiate(unsigned char **ppdata, size_t *p_d data_blob_free(&auth_reply); SAFE_FREE(*ppdata); - *ppdata = response.data; + *ppdata = memdup(response.data, response.length); + if ((*ppdata) == NULL && response.length > 0) { + status = NT_STATUS_NO_MEMORY; + } *p_data_size = response.length; + data_blob_free(&response); + return status; } #endif @@ -463,8 +468,13 @@ static NTSTATUS srv_enc_ntlm_negotiate(unsigned char **ppdata, size_t *p_data_si } SAFE_FREE(*ppdata); - *ppdata = response.data; + *ppdata = memdup(response.data, response.length); + if ((*ppdata) == NULL && response.length > 0) { + status = NT_STATUS_NO_MEMORY; + } *p_data_size = response.length; + data_blob_free(&response); + return status; } @@ -585,8 +595,11 @@ static NTSTATUS srv_enc_spnego_ntlm_auth(connection_struct *conn, } SAFE_FREE(*ppdata); - *ppdata = response.data; + *ppdata = memdup(response.data, response.length); + if ((*ppdata) == NULL && response.length > 0) + return NT_STATUS_NO_MEMORY; *p_data_size = response.length; + data_blob_free(&response); return status; } @@ -636,8 +649,11 @@ static NTSTATUS srv_enc_raw_ntlm_auth(connection_struct *conn, /* Return the raw blob. */ SAFE_FREE(*ppdata); - *ppdata = response.data; + *ppdata = memdup(response.data, response.length); + if ((*ppdata) == NULL && response.length > 0) + return NT_STATUS_NO_MEMORY; *p_data_size = response.length; + data_blob_free(&response); return status; } -- cgit