From 1c3c9a483be6d63b8efb67bfd2c04ef9302ccce6 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 22 Sep 2010 16:44:17 -0700 Subject: [PATCH] s4-param: Fix more memory leaks, invalid memory context. --- source4/auth/credentials/pycredentials.c | 48 ++++++++++++++++----- source4/auth/gensec/gensec_gssapi.c | 2 +- source4/auth/pyauth.c | 40 +++++++++++++---- source4/lib/registry/pyregistry.c | 37 ++++++++++++++-- source4/param/provision.c | 2 +- source4/scripting/python/pyglue.c | 4 ++ source4/scripting/python/samba/provision.py | 3 +- 7 files changed, 111 insertions(+), 25 deletions(-) diff --git a/source4/auth/credentials/pycredentials.c b/source4/auth/credentials/pycredentials.c index e1a74037ecf..879d906d6fc 100644 --- a/source4/auth/credentials/pycredentials.c +++ b/source4/auth/credentials/pycredentials.c @@ -207,6 +207,7 @@ static PyObject *py_creds_guess(py_talloc_Object *self, PyObject *args) { PyObject *py_lp_ctx = Py_None; struct loadparm_context *lp_ctx; + TALLOC_CTX *mem_ctx; struct cli_credentials *creds; creds = PyCredentials_AsCliCredentials(self); @@ -214,13 +215,21 @@ static PyObject *py_creds_guess(py_talloc_Object *self, PyObject *args) if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx)) return NULL; - lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); - if (lp_ctx == NULL) + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + PyErr_NoMemory(); return NULL; + } + + lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx); + if (lp_ctx == NULL) { + talloc_free(mem_ctx); + return NULL; + } cli_credentials_guess(creds, lp_ctx); - talloc_free(lp_ctx); + talloc_free(mem_ctx); Py_RETURN_NONE; } @@ -231,18 +240,27 @@ static PyObject *py_creds_set_machine_account(py_talloc_Object *self, PyObject * struct loadparm_context *lp_ctx; NTSTATUS status; struct cli_credentials *creds; + TALLOC_CTX *mem_ctx; creds = PyCredentials_AsCliCredentials(self); if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx)) return NULL; - lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); - if (lp_ctx == NULL) + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + PyErr_NoMemory(); return NULL; + } + + lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx); + if (lp_ctx == NULL) { + talloc_free(mem_ctx); + return NULL; + } status = cli_credentials_set_machine_account(creds, lp_ctx); - talloc_free(lp_ctx); + talloc_free(mem_ctx); PyErr_NTSTATUS_IS_ERR_RAISE(status); @@ -278,29 +296,39 @@ static PyObject *py_creds_get_named_ccache(py_talloc_Object *self, PyObject *arg int ret; const char *error_string; struct cli_credentials *creds; + TALLOC_CTX *mem_ctx; creds = PyCredentials_AsCliCredentials(self); if (!PyArg_ParseTuple(args, "|Os", &py_lp_ctx, &ccache_name)) return NULL; - lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */ - if (lp_ctx == NULL) + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + PyErr_NoMemory(); return NULL; + } - event_ctx = tevent_context_init(NULL); + lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx); + if (lp_ctx == NULL) { + talloc_free(mem_ctx); + return NULL; + } + + event_ctx = tevent_context_init(mem_ctx); ret = cli_credentials_get_named_ccache(creds, event_ctx, lp_ctx, ccache_name, &ccc, &error_string); talloc_free(lp_ctx); if (ret == 0) { talloc_steal(ccc, event_ctx); + talloc_free(mem_ctx); return PyCredentialCacheContainer_from_ccache_container(ccc); } PyErr_SetString(PyExc_RuntimeError, error_string?error_string:"NULL"); - talloc_free(event_ctx); + talloc_free(mem_ctx); return NULL; } diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c index f28ab95dbdd..d2f19e961e2 100644 --- a/source4/auth/gensec/gensec_gssapi.c +++ b/source4/auth/gensec/gensec_gssapi.c @@ -360,7 +360,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi hostname, lpcfg_realm(gensec_security->settings->lp_ctx)); name_type = GSS_C_NT_USER_NAME; - } + } name_token.value = discard_const_p(uint8_t, principal); name_token.length = strlen(principal); diff --git a/source4/auth/pyauth.c b/source4/auth/pyauth.c index a66411bb4af..c2a5e408c70 100644 --- a/source4/auth/pyauth.c +++ b/source4/auth/pyauth.c @@ -43,16 +43,25 @@ static PyObject *py_system_session(PyObject *module, PyObject *args) PyObject *py_lp_ctx = Py_None; struct loadparm_context *lp_ctx = NULL; struct auth_session_info *session; + TALLOC_CTX *mem_ctx; if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx)) return NULL; - lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); - if (lp_ctx == NULL) + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + PyErr_NoMemory(); return NULL; + } + + lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx); + if (lp_ctx == NULL) { + talloc_free(mem_ctx); + return NULL; + } session = system_session(lp_ctx); - talloc_free(lp_ctx); + talloc_free(mem_ctx); return PyAuthSession_FromSession(session); } @@ -65,17 +74,32 @@ static PyObject *py_admin_session(PyObject *module, PyObject *args) struct loadparm_context *lp_ctx = NULL; struct auth_session_info *session; struct dom_sid *domain_sid = NULL; + TALLOC_CTX *mem_ctx; + if (!PyArg_ParseTuple(args, "OO", &py_lp_ctx, &py_sid)) return NULL; - lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); - if (lp_ctx == NULL) + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + PyErr_NoMemory(); return NULL; + } - domain_sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid)); + lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx); + if (lp_ctx == NULL) { + talloc_free(mem_ctx); + return NULL; + } + + domain_sid = dom_sid_parse_talloc(mem_ctx, PyString_AsString(py_sid)); + if (domain_sid == NULL) { + PyErr_Format(PyExc_RuntimeError, "Unable to parse sid %s", + PyString_AsString(py_sid)); + talloc_free(mem_ctx); + return NULL; + } session = admin_session(NULL, lp_ctx, domain_sid); - - talloc_free(lp_ctx); + talloc_free(mem_ctx); return PyAuthSession_FromSession(session); } diff --git a/source4/lib/registry/pyregistry.c b/source4/lib/registry/pyregistry.c index 1373ed87ca8..9952ed34946 100644 --- a/source4/lib/registry/pyregistry.c +++ b/source4/lib/registry/pyregistry.c @@ -253,6 +253,7 @@ static PyObject *py_open_hive(PyTypeObject *type, PyObject *args, PyObject *kwar struct cli_credentials *credentials; char *location; struct hive_key *hive_key; + TALLOC_CTX *mem_ctx; if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|OOO", discard_const_p(char *, kwnames), @@ -261,15 +262,23 @@ static PyObject *py_open_hive(PyTypeObject *type, PyObject *args, PyObject *kwar &py_credentials)) return NULL; - lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */ + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + PyErr_NoMemory(); + return NULL; + } + + lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx); if (lp_ctx == NULL) { PyErr_SetString(PyExc_TypeError, "Expected loadparm context"); + talloc_free(mem_ctx); return NULL; } credentials = cli_credentials_from_py_object(py_credentials); if (credentials == NULL) { PyErr_SetString(PyExc_TypeError, "Expected credentials"); + talloc_free(mem_ctx); return NULL; } session_info = NULL; @@ -277,6 +286,7 @@ static PyObject *py_open_hive(PyTypeObject *type, PyObject *args, PyObject *kwar result = reg_open_hive(NULL, location, session_info, credentials, tevent_context_init(NULL), lp_ctx, &hive_key); + talloc_free(mem_ctx); PyErr_WERROR_IS_ERR_RAISE(result); return py_talloc_steal(&PyHiveKey, hive_key); @@ -307,21 +317,31 @@ static PyObject *py_open_samba(PyObject *self, PyObject *args, PyObject *kwargs) PyObject *py_lp_ctx, *py_session_info, *py_credentials; struct auth_session_info *session_info; struct cli_credentials *credentials; + TALLOC_CTX *mem_ctx; + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|OOO", discard_const_p(char *, kwnames), &py_lp_ctx, &py_session_info, &py_credentials)) return NULL; - lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */ + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + PyErr_NoMemory(); + return NULL; + } + + lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx); if (lp_ctx == NULL) { PyErr_SetString(PyExc_TypeError, "Expected loadparm context"); + talloc_free(mem_ctx); return NULL; } credentials = cli_credentials_from_py_object(py_credentials); if (credentials == NULL) { PyErr_SetString(PyExc_TypeError, "Expected credentials"); + talloc_free(mem_ctx); return NULL; } @@ -329,6 +349,7 @@ static PyObject *py_open_samba(PyObject *self, PyObject *args, PyObject *kwargs) result = reg_open_samba(NULL, ®_ctx, NULL, lp_ctx, session_info, credentials); + talloc_free(mem_ctx); if (!W_ERROR_IS_OK(result)) { PyErr_SetWERROR(result); return NULL; @@ -377,6 +398,7 @@ static PyObject *py_open_ldb_file(PyObject *self, PyObject *args, PyObject *kwar struct cli_credentials *credentials; struct hive_key *key; struct auth_session_info *session_info; + TALLOC_CTX *mem_ctx; if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|OOO", discard_const_p(char *, kwnames), @@ -384,15 +406,23 @@ static PyObject *py_open_ldb_file(PyObject *self, PyObject *args, PyObject *kwar &py_credentials, &py_lp_ctx)) return NULL; - lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */ + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + PyErr_NoMemory(); + return NULL; + } + + lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx); if (lp_ctx == NULL) { PyErr_SetString(PyExc_TypeError, "Expected loadparm context"); + talloc_free(mem_ctx); return NULL; } credentials = cli_credentials_from_py_object(py_credentials); if (credentials == NULL) { PyErr_SetString(PyExc_TypeError, "Expected credentials"); + talloc_free(mem_ctx); return NULL; } @@ -400,6 +430,7 @@ static PyObject *py_open_ldb_file(PyObject *self, PyObject *args, PyObject *kwar result = reg_open_ldb_file(NULL, location, session_info, credentials, s4_event_context_init(NULL), lp_ctx, &key); + talloc_free(mem_ctx); PyErr_WERROR_IS_ERR_RAISE(result); return py_talloc_steal(&PyHiveKey, key); diff --git a/source4/param/provision.c b/source4/param/provision.c index 593f9ff168e..fd97f69cb35 100644 --- a/source4/param/provision.c +++ b/source4/param/provision.c @@ -198,7 +198,7 @@ NTSTATUS provision_bare(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx, DEBUG(0, ("Missing 'lp' attribute")); return NT_STATUS_UNSUCCESSFUL; } - result->lp_ctx = lpcfg_from_py_object(result, py_lp_ctx); + result->lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx); result->samdb = PyLdb_AsLdbContext(PyObject_GetAttrString(py_result, "samdb")); return NT_STATUS_OK; diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c index 2afd1fa0104..627443dee5f 100644 --- a/source4/scripting/python/pyglue.c +++ b/source4/scripting/python/pyglue.c @@ -131,6 +131,10 @@ static PyObject *py_interface_ips(PyObject *self, PyObject *args) return NULL; tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + PyErr_NoMemory(); + return NULL; + } lp_ctx = lpcfg_from_py_object(tmp_ctx, py_lp_ctx); if (lp_ctx == NULL) { diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index ef5852090f7..64292518503 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1491,7 +1491,6 @@ def provision(setup_dir, logger, session_info, lp=lp) share_ldb.load_ldif_file_add(setup_path("share.ldif")) - logger.info("Setting up secrets.ldb") secrets_ldb = setup_secretsdb(paths.secrets, setup_path, session_info=session_info, @@ -1623,7 +1622,7 @@ def provision(setup_dir, logger, session_info, provision_backend.post_setup() provision_backend.shutdown() - + create_phpldapadmin_config(paths.phpldapadminconfig, setup_path, ldapi_url) except: