From 5ffa7683295ae7006a51dc8244918ed89f500184 Mon Sep 17 00:00:00 2001
From: Jo Sutton <josutton@catalyst.net.nz>
Date: Mon, 29 Apr 2024 17:07:43 +1200
Subject: [PATCH] s4:auth: Add temporary memory context to
 authsam_reread_user_logon_data()

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 source4/auth/sam.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 6a4f69a7e5f..963f3d4027c 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -1000,6 +1000,7 @@ NTSTATUS authsam_reread_user_logon_data(
 	const struct ldb_message *user_msg,
 	struct ldb_message **current)
 {
+	TALLOC_CTX *tmp_ctx = NULL;
 	const struct ldb_val *v = NULL;
 	struct ldb_result *res = NULL;
 	uint16_t acct_flags = 0;
@@ -1007,6 +1008,12 @@ NTSTATUS authsam_reread_user_logon_data(
 	NTSTATUS status = NT_STATUS_OK;
 	int ret;
 
+	tmp_ctx = talloc_new(mem_ctx);
+	if (tmp_ctx == NULL) {
+		status = NT_STATUS_NO_MEMORY;
+		goto out;
+	}
+
 	/*
 	 * Re-read the account details, using the GUID in case the DN
 	 * is being changed (this is automatic in LDB because the
@@ -1016,7 +1023,7 @@ NTSTATUS authsam_reread_user_logon_data(
 	 * subset to ensure that we can reuse existing validation code.
 	 */
 	ret = dsdb_search_dn(sam_ctx,
-			     mem_ctx,
+			     tmp_ctx,
 			     &res,
 			     user_msg->dn,
 			     user_attrs,
@@ -1049,7 +1056,7 @@ NTSTATUS authsam_reread_user_logon_data(
 	}
 	*current = talloc_steal(mem_ctx, res->msgs[0]);
 out:
-	TALLOC_FREE(res);
+	TALLOC_FREE(tmp_ctx);
 	return status;
 }