From b279ee16e982d419c2205a7f790bd9cb8035d6e5 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 7 Jun 2005 17:52:19 +0000 Subject: r7372: abartet's patch for BUG 2391 (segv caused by free a static pointer) (This used to be commit 4cda2bd035276bd090bf0fbd4e3b2eff657a80cb) --- source3/lib/username.c | 57 +++++++++++++++++++++++++++++++------------------- 1 file changed, 36 insertions(+), 21 deletions(-) (limited to 'source3/lib') diff --git a/source3/lib/username.c b/source3/lib/username.c index 317935d396..e691e4c1f1 100644 --- a/source3/lib/username.c +++ b/source3/lib/username.c @@ -250,35 +250,16 @@ static struct passwd *Get_Pwnam_internals(const char *user, char *user2) done: DEBUG(5,("Get_Pwnam_internals %s find user [%s]!\n",ret ? "did":"didn't", user)); - /* This call used to just return the 'passwd' static buffer. - This could then have accidental reuse implications, so - we now malloc a copy, and free it in the next use. - - This should cause the (ab)user to segfault if it - uses an old struct. - - This is better than useing the wrong data in security - critical operations. - - The real fix is to make the callers free the returned - malloc'ed data. - */ - - if (Get_Pwnam_ret) { - passwd_free(&Get_Pwnam_ret); - } - - Get_Pwnam_ret = ret; - return ret; } /**************************************************************************** Get_Pwnam wrapper without modification. NOTE: This with NOT modify 'user'! + This will return an allocated structure ****************************************************************************/ -struct passwd *Get_Pwnam(const char *user) +struct passwd *Get_Pwnam_alloc(const char *user) { fstring user2; struct passwd *ret; @@ -297,6 +278,40 @@ struct passwd *Get_Pwnam(const char *user) return ret; } +/**************************************************************************** + Get_Pwnam wrapper without modification. + NOTE: This with NOT modify 'user'! +****************************************************************************/ + +struct passwd *Get_Pwnam(const char *user) +{ + struct passwd *ret; + + ret = Get_Pwnam_alloc(user); + + /* This call used to just return the 'passwd' static buffer. + This could then have accidental reuse implications, so + we now malloc a copy, and free it in the next use. + + This should cause the (ab)user to segfault if it + uses an old struct. + + This is better than useing the wrong data in security + critical operations. + + The real fix is to make the callers free the returned + malloc'ed data. + */ + + if (Get_Pwnam_ret) { + passwd_free(&Get_Pwnam_ret); + } + + Get_Pwnam_ret = ret; + + return ret; +} + /**************************************************************************** Check if a user is in a netgroup user list. If at first we don't succeed, try lower case. -- cgit