From 6836ffc9fc088ea6c4444b9e4abfe2766a54f6a8 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 15 Jan 2014 10:27:49 +0100
Subject: [PATCH] s3:rpc_server: only become the user if we have a valid
 context_id

Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>

Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
---
 source3/rpc_server/srv_pipe.c | 43 +++++++++++++++++------------------
 1 file changed, 21 insertions(+), 22 deletions(-)

diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index e5bd3a7adef..29e5b8af8ec 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -1213,46 +1213,45 @@ static bool api_rpcTNP(struct pipes_struct *p, struct ncacn_packet *pkt,
 static bool api_pipe_request(struct pipes_struct *p,
 				struct ncacn_packet *pkt)
 {
+	TALLOC_CTX *frame = talloc_stackframe();
 	bool ret = False;
 	struct pipe_rpc_fns *pipe_fns;
 
 	if (!p->pipe_bound) {
 		DEBUG(1, ("Pipe not bound!\n"));
 		data_blob_free(&p->out_data.rdata);
+		TALLOC_FREE(frame);
+		return false;
+	}
+
+	/* get the set of RPC functions for this context */
+	pipe_fns = find_pipe_fns_by_context(p->contexts,
+					    pkt->u.request.context_id);
+	if (pipe_fns == NULL) {
+		DEBUG(0, ("No rpc function table associated with context "
+			  "[%d]\n",
+			  pkt->u.request.context_id));
+		data_blob_free(&p->out_data.rdata);
+		TALLOC_FREE(frame);
 		return false;
 	}
 
 	if (!become_authenticated_pipe_user(p->session_info)) {
 		DEBUG(1, ("Failed to become pipe user!\n"));
 		data_blob_free(&p->out_data.rdata);
+		TALLOC_FREE(frame);
 		return false;
 	}
 
-	/* get the set of RPC functions for this context */
-
-	pipe_fns = find_pipe_fns_by_context(p->contexts,
-					    pkt->u.request.context_id);
-
-	if ( pipe_fns ) {
-		TALLOC_CTX *frame = talloc_stackframe();
-
-		DEBUG(5, ("Requested %s rpc service\n",
-			  ndr_interface_name(&pipe_fns->syntax.uuid,
-					     pipe_fns->syntax.if_version)));
-
-		ret = api_rpcTNP(p, pkt, pipe_fns->cmds, pipe_fns->n_cmds,
-				 &pipe_fns->syntax);
-
-		TALLOC_FREE(frame);
-	}
-	else {
-		DEBUG(0, ("No rpc function table associated with context "
-			  "[%d]\n",
-			  pkt->u.request.context_id));
-	}
+	DEBUG(5, ("Requested %s rpc service\n",
+		  ndr_interface_name(&pipe_fns->syntax.uuid,
+				     pipe_fns->syntax.if_version)));
 
+	ret = api_rpcTNP(p, pkt, pipe_fns->cmds, pipe_fns->n_cmds,
+			 &pipe_fns->syntax);
 	unbecome_authenticated_pipe_user();
 
+	TALLOC_FREE(frame);
 	return ret;
 }