From fcbe6163f65ae9e4fce9228434c447ad34943010 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 21 Oct 2009 15:18:59 +1100
Subject: s4:samr Don't leak the whole user onto the long-term handle

The user entry is only required for this function, so use
mem_ctx to hold it.

Andrew Bartlett
---
 source4/rpc_server/samr/dcesrv_samr.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'source4')

diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 6c5f5b845f..5b9aa91ded 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -1296,7 +1296,7 @@ static NTSTATUS dcesrv_samr_CreateUser2(struct dcesrv_call_state *dce_call, TALL
 	}
 
 	/* add core elements to the ldb_message for the user */
-	msg->dn = ldb_dn_copy(mem_ctx, d_state->domain_dn);
+	msg->dn = ldb_dn_copy(msg, d_state->domain_dn);
 	if ( ! ldb_dn_add_child_fmt(msg->dn, "CN=%s,%s", cn_name, container)) {
 		ldb_transaction_cancel(d_state->sam_ctx);
 		return NT_STATUS_FOOBAR;
@@ -1344,7 +1344,7 @@ static NTSTATUS dcesrv_samr_CreateUser2(struct dcesrv_call_state *dce_call, TALL
 	a_state->account_dn = talloc_steal(a_state, msg->dn);
 
 	/* retrieve the sid and account control bits for the user just created */
-	ret = gendb_search_dn(d_state->sam_ctx, a_state,
+	ret = gendb_search_dn(d_state->sam_ctx, mem_ctx,
 			      msg->dn, &msgs, attrs);
 
 	if (ret != 1) {
-- 
cgit