From af0f14e3a72756dfaff36e0106ae0f7eaac06633 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Sat, 9 Dec 2006 23:55:20 +0000
Subject: r20097: Ensure found_username is freed correctly when talloced on the
 null context. Jeremy. (This used to be commit
 2c59c4dddceb9cb12848d7ee48257c5e93ea2667)

---
 source3/smbd/service.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'source3/smbd/service.c')

diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 62d85cfdd9..08370b1c80 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -643,7 +643,8 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 	if (lp_guest_only(snum)) {
 		const char *guestname = lp_guestaccount();
 		NTSTATUS status2;
-		char *found_username;
+		char *found_username = NULL;
+
 		guest = True;
 		pass = getpwnam_alloc(NULL, guestname);
 		if (!pass) {
@@ -658,6 +659,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 						     &found_username,
 						     &conn->nt_user_token);
 		if (!NT_STATUS_IS_OK(status2)) {
+			TALLOC_FREE(found_username);
 			conn_free(conn);
 			*status = status2;
 			return NULL;
@@ -665,6 +667,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 		fstrcpy(user, found_username);
 		string_set(&conn->user,user);
 		conn->force_user = True;
+		TALLOC_FREE(found_username);
 		TALLOC_FREE(pass);
 		DEBUG(3,("Guest only user %s\n",user));
 	} else if (vuser) {
@@ -697,7 +700,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 		guest = vuser->guest; 
 	} else if (lp_security() == SEC_SHARE) {
 		NTSTATUS status2;
-		char *found_username;
+		char *found_username = NULL;
 		/* add it as a possible user name if we 
 		   are in share mode security */
 		add_session_user(lp_servicename(snum));
@@ -715,12 +718,14 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 						     &found_username,
 						     &conn->nt_user_token);
 		if (!NT_STATUS_IS_OK(status2)) {
+			TALLOC_FREE(found_username);
 			conn_free(conn);
 			*status = status2;
 			return NULL;
 		}
 		fstrcpy(user, found_username);
 		string_set(&conn->user,user);
+		TALLOC_FREE(found_username);
 		conn->force_user = True;
 	} else {
 		DEBUG(0, ("invalid VUID (vuser) but not in security=share\n"));
-- 
cgit