From 6f42da795e5cce29c122aea1a6818c1ae1d99ae6 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Thu, 2 Dec 2010 11:49:56 +0100 Subject: s4:dsdb/samdb/cracknames.c - fix various KRB5 memory leaks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Autobuild-User: Matthias Dieter Wallnöfer Autobuild-Date: Thu Dec 2 12:35:03 CET 2010 on sn-devel-104 --- source4/dsdb/samdb/cracknames.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) (limited to 'source4') diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c index 6df140fed3..0b7b6ed1c5 100644 --- a/source4/dsdb/samdb/cracknames.c +++ b/source4/dsdb/samdb/cracknames.c @@ -206,6 +206,7 @@ static WERROR DsCrackNameSPNAlias(struct ldb_context *sam_ctx, TALLOC_CTX *mem_c /* This is checked for in callers, but be safe */ if (principal->name.name_string.len < 2) { info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND; + krb5_free_principal(smb_krb5_context->krb5_context, principal); return WERR_OK; } service = principal->name.name_string.val[0]; @@ -217,13 +218,14 @@ static WERROR DsCrackNameSPNAlias(struct ldb_context *sam_ctx, TALLOC_CTX *mem_c service, &new_service); if (namestatus == DRSUAPI_DS_NAME_STATUS_NOT_FOUND) { + wret = WERR_OK; info1->status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY; info1->dns_domain_name = talloc_strdup(mem_ctx, dns_name); if (!info1->dns_domain_name) { - krb5_free_principal(smb_krb5_context->krb5_context, principal); - return WERR_NOMEM; + wret = WERR_NOMEM; } - return WERR_OK; + krb5_free_principal(smb_krb5_context->krb5_context, principal); + return wret; } else if (namestatus != DRSUAPI_DS_NAME_STATUS_OK) { info1->status = namestatus; krb5_free_principal(smb_krb5_context->krb5_context, principal); @@ -293,7 +295,8 @@ static WERROR DsCrackNameUPN(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, return WERR_OK; } - realm = krb5_principal_get_realm(smb_krb5_context->krb5_context, principal); + realm = krb5_principal_get_realm(smb_krb5_context->krb5_context, + principal); ldb_ret = ldb_search(sam_ctx, mem_ctx, &domain_res, samdb_partitions_dn(sam_ctx, mem_ctx), @@ -306,6 +309,7 @@ static WERROR DsCrackNameUPN(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, if (ldb_ret != LDB_SUCCESS) { DEBUG(2, ("DsCrackNameUPN domain ref search failed: %s", ldb_errstring(sam_ctx))); info1->status = DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR; + krb5_free_principal(smb_krb5_context->krb5_context, principal); return WERR_OK; } @@ -313,10 +317,12 @@ static WERROR DsCrackNameUPN(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, case 1: break; case 0: + krb5_free_principal(smb_krb5_context->krb5_context, principal); return dns_domain_from_principal(mem_ctx, smb_krb5_context, name, info1); default: info1->status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE; + krb5_free_principal(smb_krb5_context->krb5_context, principal); return WERR_OK; } @@ -616,12 +622,12 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND; krb5_free_principal(smb_krb5_context->krb5_context, principal); return WERR_OK; + } else if (ret == 0) { + krb5_free_principal(smb_krb5_context->krb5_context, principal); } ret = krb5_parse_name_flags(smb_krb5_context->krb5_context, name, KRB5_PRINCIPAL_PARSE_NO_REALM, &principal); if (ret) { - krb5_free_principal(smb_krb5_context->krb5_context, principal); - return dns_domain_from_principal(mem_ctx, smb_krb5_context, name, info1); } @@ -642,6 +648,7 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, computer_name = talloc_strndup(mem_ctx, principal->name.name_string.val[1], strcspn(principal->name.name_string.val[1], ".")); if (computer_name == NULL) { + krb5_free_principal(smb_krb5_context->krb5_context, principal); return WERR_NOMEM; } @@ -662,7 +669,6 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND; return WERR_OK; } - } if (format_flags & DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY) { -- cgit