From 8c0db1bbc469932694ed877eebecffa3d1948abd Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 19 May 2004 21:49:58 +0000
Subject: r786: Memory leak fixes in (mostly) error code paths from
 kawasa_r@itg.hitachi.co.jp. A couple of mem leak fixes in mainline code paths
 though :-). Jeremy. (This used to be commit
 4695cc95fe576b6da0d0cb0686f208fc306b2646)

---
 source3/smbd/sesssetup.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'source3/smbd/sesssetup.c')

diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 902db2d288..8a56478929 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -150,7 +150,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 	DATA_BLOB auth_data;
 	DATA_BLOB ap_rep, ap_rep_wrapped, response;
 	auth_serversupplied_info *server_info = NULL;
-	DATA_BLOB session_key;
+	DATA_BLOB session_key = data_blob(NULL, 0);
 	uint8 tok_id[2];
 	BOOL foreign = False;
 	DATA_BLOB nullblob = data_blob(NULL, 0);
@@ -183,6 +183,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 	if (!p) {
 		DEBUG(3,("Doesn't look like a valid principal\n"));
 		data_blob_free(&ap_rep);
+		data_blob_free(&session_key);
 		SAFE_FREE(client);
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}
@@ -192,6 +193,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 		DEBUG(3,("Ticket for foreign realm %s@%s\n", client, p+1));
 		if (!lp_allow_trusted_domains()) {
 			data_blob_free(&ap_rep);
+			data_blob_free(&session_key);
 			SAFE_FREE(client);
 			return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 		}
@@ -249,6 +251,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 		SAFE_FREE(user);
 		SAFE_FREE(client);
 		data_blob_free(&ap_rep);
+		data_blob_free(&session_key);
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}
 
@@ -263,6 +266,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 		SAFE_FREE(user);
 		SAFE_FREE(client);
 		data_blob_free(&ap_rep);
+		data_blob_free(&session_key);
 		return ERROR_NT(ret);
 	}
 
@@ -274,6 +278,8 @@ static int reply_spnego_kerberos(connection_struct *conn,
         }
 
 	/* register_vuid keeps the server info */
+	/* register_vuid takes ownership of session_key, no need to free after this.
+ 	   A better interface would copy it.... */
 	sess_vuid = register_vuid(server_info, session_key, nullblob, client);
 
 	SAFE_FREE(user);
-- 
cgit