From fcbe6163f65ae9e4fce9228434c447ad34943010 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 21 Oct 2009 15:18:59 +1100 Subject: s4:samr Don't leak the whole user onto the long-term handle The user entry is only required for this function, so use mem_ctx to hold it. Andrew Bartlett --- source4/rpc_server/samr/dcesrv_samr.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source4/rpc_server/samr') diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index 6c5f5b845f..5b9aa91ded 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -1296,7 +1296,7 @@ static NTSTATUS dcesrv_samr_CreateUser2(struct dcesrv_call_state *dce_call, TALL } /* add core elements to the ldb_message for the user */ - msg->dn = ldb_dn_copy(mem_ctx, d_state->domain_dn); + msg->dn = ldb_dn_copy(msg, d_state->domain_dn); if ( ! ldb_dn_add_child_fmt(msg->dn, "CN=%s,%s", cn_name, container)) { ldb_transaction_cancel(d_state->sam_ctx); return NT_STATUS_FOOBAR; @@ -1344,7 +1344,7 @@ static NTSTATUS dcesrv_samr_CreateUser2(struct dcesrv_call_state *dce_call, TALL a_state->account_dn = talloc_steal(a_state, msg->dn); /* retrieve the sid and account control bits for the user just created */ - ret = gendb_search_dn(d_state->sam_ctx, a_state, + ret = gendb_search_dn(d_state->sam_ctx, mem_ctx, msg->dn, &msgs, attrs); if (ret != 1) { -- cgit