From 13756d0e803c228f7ff75ba996acd6afd1df0dcb Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 2 Oct 2010 11:50:26 +0200 Subject: s3: Attempt to fix bug 7665 Quite a few of our internal routines put stuff on talloc_tos() these days. In top-level netapi routines, properly allocate a stackframe and clean it again. Also, don't leak memory in the rpccli_ callers onto the libnetapi context. --- source3/lib/netapi/group.c | 112 ++++++++++++++++++++++----------------------- 1 file changed, 56 insertions(+), 56 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 6a926953c0..9b9d8f0855 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -107,7 +107,7 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, break; } - status = rpccli_samr_CreateDomainGroup(pipe_cli, ctx, + status = rpccli_samr_CreateDomainGroup(pipe_cli, talloc_tos(), &domain_handle, &lsa_group_name, SEC_STD_DELETE | @@ -126,7 +126,7 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, init_lsa_String(&info.description, info1->grpi1_comment); - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFODESCRIPTION, &info); @@ -137,7 +137,7 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, init_lsa_String(&info.description, info2->grpi2_comment); - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFODESCRIPTION, &info); @@ -149,7 +149,7 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, if (info2->grpi2_attributes != 0) { info.attributes.attributes = info2->grpi2_attributes; - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFOATTRIBUTES, &info); @@ -161,7 +161,7 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, init_lsa_String(&info.description, info3->grpi3_comment); - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFODESCRIPTION, &info); @@ -173,7 +173,7 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, if (info3->grpi3_attributes != 0) { info.attributes.attributes = info3->grpi3_attributes; - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFOATTRIBUTES, &info); @@ -192,12 +192,12 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, goto done; failed: - rpccli_samr_DeleteDomainGroup(pipe_cli, ctx, + rpccli_samr_DeleteDomainGroup(pipe_cli, talloc_tos(), &group_handle); done: if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &group_handle); + rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); } if (ctx->disable_policy_handle_cache) { @@ -264,7 +264,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_group_name, r->in.group_name); - status = rpccli_samr_LookupNames(pipe_cli, ctx, + status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), &domain_handle, 1, &lsa_group_name, @@ -280,7 +280,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_OpenGroup(pipe_cli, ctx, + status = rpccli_samr_OpenGroup(pipe_cli, talloc_tos(), &domain_handle, SEC_STD_DELETE | SAMR_GROUP_ACCESS_GET_MEMBERS | @@ -294,7 +294,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_QueryGroupInfo(pipe_cli, ctx, + status = rpccli_samr_QueryGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFOATTRIBUTES, &info); @@ -310,7 +310,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, goto done; } #endif - status = rpccli_samr_QueryGroupMember(pipe_cli, ctx, + status = rpccli_samr_QueryGroupMember(pipe_cli, talloc_tos(), &group_handle, &rid_array); if (!NT_STATUS_IS_OK(status)) { @@ -322,7 +322,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, struct lsa_Strings names; struct samr_Ids member_types; - status = rpccli_samr_LookupRids(pipe_cli, ctx, + status = rpccli_samr_LookupRids(pipe_cli, talloc_tos(), &domain_handle, rid_array->count, rid_array->rids, @@ -336,7 +336,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, for (i=0; i < rid_array->count; i++) { - status = rpccli_samr_DeleteGroupMember(pipe_cli, ctx, + status = rpccli_samr_DeleteGroupMember(pipe_cli, talloc_tos(), &group_handle, rid_array->rids[i]); if (!NT_STATUS_IS_OK(status)) { @@ -345,7 +345,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, } } - status = rpccli_samr_DeleteDomainGroup(pipe_cli, ctx, + status = rpccli_samr_DeleteDomainGroup(pipe_cli, talloc_tos(), &group_handle); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); @@ -358,7 +358,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, done: if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &group_handle); + rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); } if (ctx->disable_policy_handle_cache) { @@ -429,7 +429,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_group_name, r->in.group_name); - status = rpccli_samr_LookupNames(pipe_cli, ctx, + status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), &domain_handle, 1, &lsa_group_name, @@ -445,7 +445,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_OpenGroup(pipe_cli, ctx, + status = rpccli_samr_OpenGroup(pipe_cli, talloc_tos(), &domain_handle, SAMR_GROUP_ACCESS_SET_INFO | SAMR_GROUP_ACCESS_LOOKUP_INFO, @@ -460,7 +460,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, case 0: g0 = (struct GROUP_INFO_0 *)r->in.buffer; init_lsa_String(&info.name, g0->grpi0_name); - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFONAME, &info); @@ -468,7 +468,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, case 1: g1 = (struct GROUP_INFO_1 *)r->in.buffer; init_lsa_String(&info.description, g1->grpi1_comment); - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFODESCRIPTION, &info); @@ -476,7 +476,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, case 2: g2 = (struct GROUP_INFO_2 *)r->in.buffer; init_lsa_String(&info.description, g2->grpi2_comment); - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFODESCRIPTION, &info); @@ -485,7 +485,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, goto done; } info.attributes.attributes = g2->grpi2_attributes; - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFOATTRIBUTES, &info); @@ -493,7 +493,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, case 3: g3 = (struct GROUP_INFO_3 *)r->in.buffer; init_lsa_String(&info.description, g3->grpi3_comment); - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFODESCRIPTION, &info); @@ -502,7 +502,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, goto done; } info.attributes.attributes = g3->grpi3_attributes; - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFOATTRIBUTES, &info); @@ -510,7 +510,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, case 1002: g1002 = (struct GROUP_INFO_1002 *)r->in.buffer; init_lsa_String(&info.description, g1002->grpi1002_comment); - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFODESCRIPTION, &info); @@ -518,7 +518,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, case 1005: g1005 = (struct GROUP_INFO_1005 *)r->in.buffer; info.attributes.attributes = g1005->grpi1005_attributes; - status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + status = rpccli_samr_SetGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFOATTRIBUTES, &info); @@ -537,7 +537,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, done: if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &group_handle); + rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); } if (ctx->disable_policy_handle_cache) { @@ -664,7 +664,7 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_group_name, r->in.group_name); - status = rpccli_samr_LookupNames(pipe_cli, ctx, + status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), &domain_handle, 1, &lsa_group_name, @@ -680,7 +680,7 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_OpenGroup(pipe_cli, ctx, + status = rpccli_samr_OpenGroup(pipe_cli, talloc_tos(), &domain_handle, SAMR_GROUP_ACCESS_LOOKUP_INFO, rids.ids[0], @@ -690,12 +690,12 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_QueryGroupInfo(pipe_cli, ctx, + status = rpccli_samr_QueryGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFOALL2, &info); if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) { - status = rpccli_samr_QueryGroupInfo(pipe_cli, ctx, + status = rpccli_samr_QueryGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFOALL, &info); @@ -716,7 +716,7 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, } done: if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &group_handle); + rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); } if (ctx->disable_policy_handle_cache) { @@ -780,7 +780,7 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_group_name, r->in.group_name); - status = rpccli_samr_LookupNames(pipe_cli, ctx, + status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), &domain_handle, 1, &lsa_group_name, @@ -796,7 +796,7 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_OpenGroup(pipe_cli, ctx, + status = rpccli_samr_OpenGroup(pipe_cli, talloc_tos(), &domain_handle, SAMR_GROUP_ACCESS_ADD_MEMBER, rids.ids[0], @@ -808,7 +808,7 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_user_name, r->in.user_name); - status = rpccli_samr_LookupNames(pipe_cli, ctx, + status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), &domain_handle, 1, &lsa_user_name, @@ -824,7 +824,7 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_AddGroupMember(pipe_cli, ctx, + status = rpccli_samr_AddGroupMember(pipe_cli, talloc_tos(), &group_handle, rids.ids[0], 7); /* why ? */ @@ -837,7 +837,7 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, done: if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &group_handle); + rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); } if (ctx->disable_policy_handle_cache) { @@ -901,7 +901,7 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_group_name, r->in.group_name); - status = rpccli_samr_LookupNames(pipe_cli, ctx, + status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), &domain_handle, 1, &lsa_group_name, @@ -917,7 +917,7 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_OpenGroup(pipe_cli, ctx, + status = rpccli_samr_OpenGroup(pipe_cli, talloc_tos(), &domain_handle, SAMR_GROUP_ACCESS_REMOVE_MEMBER, rids.ids[0], @@ -929,7 +929,7 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_user_name, r->in.user_name); - status = rpccli_samr_LookupNames(pipe_cli, ctx, + status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), &domain_handle, 1, &lsa_user_name, @@ -945,7 +945,7 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_DeleteGroupMember(pipe_cli, ctx, + status = rpccli_samr_DeleteGroupMember(pipe_cli, talloc_tos(), &group_handle, rids.ids[0]); if (!NT_STATUS_IS_OK(status)) { @@ -957,7 +957,7 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, done: if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &group_handle); + rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); } if (ctx->disable_policy_handle_cache) { @@ -1179,7 +1179,7 @@ WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_QueryDomainInfo(pipe_cli, ctx, + status = rpccli_samr_QueryDomainInfo(pipe_cli, talloc_tos(), &domain_handle, 2, &domain_info); @@ -1310,7 +1310,7 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_account_name, r->in.group_name); - status = rpccli_samr_LookupNames(pipe_cli, ctx, + status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), &domain_handle, 1, &lsa_account_name, @@ -1321,7 +1321,7 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_OpenGroup(pipe_cli, ctx, + status = rpccli_samr_OpenGroup(pipe_cli, talloc_tos(), &domain_handle, SAMR_GROUP_ACCESS_GET_MEMBERS, group_rids.ids[0], @@ -1331,7 +1331,7 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_QueryGroupMember(pipe_cli, ctx, + status = rpccli_samr_QueryGroupMember(pipe_cli, talloc_tos(), &group_handle, &rid_array); if (!NT_STATUS_IS_OK(status)) { @@ -1339,7 +1339,7 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_LookupRids(pipe_cli, ctx, + status = rpccli_samr_LookupRids(pipe_cli, talloc_tos(), &domain_handle, rid_array->count, rid_array->rids, @@ -1375,7 +1375,7 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, done: if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &group_handle); + rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); } if (ctx->disable_policy_handle_cache) { @@ -1461,7 +1461,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_account_name, r->in.group_name); - status = rpccli_samr_LookupNames(pipe_cli, ctx, + status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), &domain_handle, 1, &lsa_account_name, @@ -1472,7 +1472,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_OpenGroup(pipe_cli, ctx, + status = rpccli_samr_OpenGroup(pipe_cli, talloc_tos(), &domain_handle, SAMR_GROUP_ACCESS_GET_MEMBERS | SAMR_GROUP_ACCESS_ADD_MEMBER | @@ -1485,7 +1485,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_QueryGroupInfo(pipe_cli, ctx, + status = rpccli_samr_QueryGroupInfo(pipe_cli, talloc_tos(), &group_handle, GROUPINFOATTRIBUTES, &group_info); @@ -1523,7 +1523,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, } } - status = rpccli_samr_LookupNames(pipe_cli, ctx, + status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), &domain_handle, r->in.num_entries, lsa_names, @@ -1536,7 +1536,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, member_rids = user_rids.ids; - status = rpccli_samr_QueryGroupMember(pipe_cli, ctx, + status = rpccli_samr_QueryGroupMember(pipe_cli, talloc_tos(), &group_handle, &rid_array); if (!NT_STATUS_IS_OK(status)) { @@ -1587,7 +1587,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, /* add list */ for (i=0; i < num_add_rids; i++) { - status = rpccli_samr_AddGroupMember(pipe_cli, ctx, + status = rpccli_samr_AddGroupMember(pipe_cli, talloc_tos(), &group_handle, add_rids[i], 7 /* ? */); @@ -1600,7 +1600,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, /* del list */ for (i=0; i < num_del_rids; i++) { - status = rpccli_samr_DeleteGroupMember(pipe_cli, ctx, + status = rpccli_samr_DeleteGroupMember(pipe_cli, talloc_tos(), &group_handle, del_rids[i]); if (!NT_STATUS_IS_OK(status)) { @@ -1613,7 +1613,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, done: if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &group_handle); + rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); } if (ctx->disable_policy_handle_cache) { -- cgit