From 25d6eaae8d0d885add7e64b96df7a489328c6b0f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 10 Dec 2006 05:23:47 +0000 Subject: r20098: Properly fix issues with create_token_from_username() reported by James. Ensure that this function allocates everything on the temporary context except the return memory. Never call this with a null mem context, and now use conn->mem_ctx instead in smbd/service.c. Remove separate free functions for conn->ngroups and conn->nt_user_token as they are now always talloc'ed off the conn->mem_ctx. Future optimization will be to remove conn->mem_ctx and make all objects pointed to in the conn struct talloc'ed off conn itself. Easy to free then :-). Jeremy. (This used to be commit f83b6de44f1058811ff94ac72a8a71bd8e49e4e8) --- source3/auth/auth_util.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'source3/auth/auth_util.c') diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 7e65121b2d..870dc9b5d0 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1130,7 +1130,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, goto unix_user; } - result = pdb_enum_group_memberships(mem_ctx, sam_acct, + result = pdb_enum_group_memberships(tmp_ctx, sam_acct, &group_sids, &gids, &num_group_sids); if (!NT_STATUS_IS_OK(result)) { @@ -1144,6 +1144,8 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, SMB_ASSERT(num_group_sids > 0); *gid = gids[0]; + + /* Ensure we're returning the found_username on the right context. */ *found_username = talloc_strdup(mem_ctx, pdb_get_username(sam_acct)); @@ -1178,8 +1180,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, goto done; } - /* group_sids can be realloced - must be done on mem_ctx not tmp_ctx. */ - group_sids = talloc_array(mem_ctx, DOM_SID, num_group_sids); + group_sids = talloc_array(tmp_ctx, DOM_SID, num_group_sids); if (group_sids == NULL) { DEBUG(1, ("talloc_array failed\n")); result = NT_STATUS_NO_MEMORY; @@ -1194,8 +1195,9 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, SMB_ASSERT(num_group_sids > 0); *gid = gids[0]; - *found_username = talloc_strdup(mem_ctx, pass->pw_name); + /* Ensure we're returning the found_username on the right context. */ + *found_username = talloc_strdup(mem_ctx, pass->pw_name); } else { /* This user is from winbind, force the primary gid to the @@ -1208,7 +1210,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, uint32 dummy; num_group_sids = 1; - group_sids = talloc_array(mem_ctx, DOM_SID, num_group_sids); + group_sids = talloc_array(tmp_ctx, DOM_SID, num_group_sids); if (group_sids == NULL) { DEBUG(1, ("talloc_array failed\n")); result = NT_STATUS_NO_MEMORY; @@ -1227,6 +1229,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, gids = gid; + /* Ensure we're returning the found_username on the right context. */ *found_username = talloc_strdup(mem_ctx, username); } @@ -1251,13 +1254,14 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, "for gid %d!\n", gids[i])); continue; } - if (!add_sid_to_array_unique( mem_ctx, &unix_group_sid, + if (!add_sid_to_array_unique(tmp_ctx, &unix_group_sid, &group_sids, &num_group_sids )) { result = NT_STATUS_NO_MEMORY; goto done; } } + /* Ensure we're creating the nt_token on the right context. */ *token = create_local_nt_token(mem_ctx, &user_sid, is_guest, num_group_sids, group_sids); @@ -1278,6 +1282,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, Expensive helper function to figure out whether a user given its name is member of a particular group. ***************************************************************************/ + BOOL user_in_group_sid(const char *username, const DOM_SID *group_sid) { NTSTATUS status; -- cgit