From bcc29f9e7317601737858184f5ec6243552e0c0c Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 29 Aug 2012 09:09:10 +1000
Subject: auth/credentials: Avoid double-free in the failure case

This pointer is only valid if dbwrap_fetch returned success.

Andrew Bartlett
---
 auth/credentials/credentials_secrets.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'auth')

diff --git a/auth/credentials/credentials_secrets.c b/auth/credentials/credentials_secrets.c
index 3304200607..37e825bee9 100644
--- a/auth/credentials/credentials_secrets.c
+++ b/auth/credentials/credentials_secrets.c
@@ -235,8 +235,8 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
 		TALLOC_FREE(keystr_upper);
 		if (NT_STATUS_IS_OK(status) && dbuf.dsize == 4) {
 			secrets_tdb_lct = IVAL(dbuf.dptr,0);
+			TALLOC_FREE(dbuf.dptr);
 		}
-		TALLOC_FREE(dbuf.dptr);
 
 		keystr = talloc_asprintf(cred, "%s/%s",
 					 SECRETS_MACHINE_PASSWORD,
-- 
cgit