mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
r786: Memory leak fixes in (mostly) error code paths from
kawasa_r@itg.hitachi.co.jp. A couple of mem leak fixes in
mainline code paths though :-).
Jeremy.
(This used to be commit 4695cc95fe
)
This commit is contained in:
parent
509c71fef5
commit
8c0db1bbc4
@ -1236,6 +1236,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
|
||||
info3->gids[i].g_rid));
|
||||
|
||||
SAFE_FREE(lgroupSIDs);
|
||||
SAFE_FREE(all_group_SIDs);
|
||||
free_server_info(server_info);
|
||||
|
||||
return nt_status;
|
||||
@ -1264,6 +1265,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
|
||||
|
||||
if ( !NT_STATUS_IS_OK(nt_status) ) {
|
||||
DEBUG(4,("create_nt_user_token failed\n"));
|
||||
SAFE_FREE(lgroupSIDs);
|
||||
SAFE_FREE(all_group_SIDs);
|
||||
free_server_info(server_info);
|
||||
return nt_status;
|
||||
@ -1271,6 +1273,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
|
||||
|
||||
(*server_info)->ptok = token;
|
||||
|
||||
SAFE_FREE(lgroupSIDs);
|
||||
SAFE_FREE(all_group_SIDs);
|
||||
|
||||
/* ensure we are never given NULL session keys */
|
||||
|
@ -127,9 +127,7 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
|
||||
|
||||
if (result == NSS_STATUS_SUCCESS && response.extra_data) {
|
||||
if (NT_STATUS_IS_OK(nt_status)) {
|
||||
|
||||
if (NT_STATUS_IS_OK(nt_status = get_info3_from_ndr(mem_ctx, &response, &info3)))
|
||||
{
|
||||
if (NT_STATUS_IS_OK(nt_status = get_info3_from_ndr(mem_ctx, &response, &info3))) {
|
||||
nt_status = make_server_info_info3(mem_ctx,
|
||||
user_info->internal_username.str,
|
||||
user_info->smb_name.str, user_info->domain.str,
|
||||
@ -141,6 +139,7 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
|
||||
nt_status = NT_STATUS_NO_LOGON_SERVERS;
|
||||
}
|
||||
|
||||
SAFE_FREE(response.extra_data);
|
||||
return nt_status;
|
||||
}
|
||||
|
||||
|
@ -114,12 +114,14 @@ BOOL trustdom_cache_store(char* name, char* alt_name, const DOM_SID *sid,
|
||||
{
|
||||
char *key, *alt_key;
|
||||
fstring sid_string;
|
||||
BOOL ret;
|
||||
|
||||
/*
|
||||
* we use gecache call to avoid annoying debug messages
|
||||
* about initialised trustdom
|
||||
*/
|
||||
if (!gencache_init()) return False;
|
||||
if (!gencache_init())
|
||||
return False;
|
||||
|
||||
DEBUG(5, ("trustdom_store: storing SID %s of domain %s\n",
|
||||
sid_string_static(sid), name));
|
||||
@ -134,11 +136,18 @@ BOOL trustdom_cache_store(char* name, char* alt_name, const DOM_SID *sid,
|
||||
* try to put the names in the cache
|
||||
*/
|
||||
if (alt_key) {
|
||||
return (gencache_set(alt_key, sid_string, timeout)
|
||||
&& gencache_set(key, sid_string, timeout));
|
||||
ret = gencache_set(alt_key, sid_string, timeout);
|
||||
if ( ret ) {
|
||||
ret = gencache_set(key, sid_string, timeout);
|
||||
}
|
||||
SAFE_FREE(alt_key);
|
||||
SAFE_FREE(key);
|
||||
return ret;
|
||||
}
|
||||
|
||||
return gencache_set(key, sid_string, timeout);
|
||||
|
||||
ret = gencache_set(key, sid_string, timeout);
|
||||
SAFE_FREE(key);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
@ -155,22 +164,26 @@ BOOL trustdom_cache_store(char* name, char* alt_name, const DOM_SID *sid,
|
||||
|
||||
BOOL trustdom_cache_fetch(const char* name, DOM_SID* sid)
|
||||
{
|
||||
char *key, *value;
|
||||
char *key = NULL, *value = NULL;
|
||||
time_t timeout;
|
||||
|
||||
/* init the cache */
|
||||
if (!gencache_init()) return False;
|
||||
if (!gencache_init())
|
||||
return False;
|
||||
|
||||
/* exit now if null pointers were passed as they're required further */
|
||||
if (!sid) return False;
|
||||
if (!sid)
|
||||
return False;
|
||||
|
||||
/* prepare a key and get the value */
|
||||
key = trustdom_cache_key(name);
|
||||
if (!key) return False;
|
||||
if (!key)
|
||||
return False;
|
||||
|
||||
if (!gencache_get(key, &value, &timeout)) {
|
||||
DEBUG(5, ("no entry for trusted domain %s found.\n", name));
|
||||
SAFE_FREE(key);
|
||||
SAFE_FREE(value);
|
||||
return False;
|
||||
} else {
|
||||
SAFE_FREE(key);
|
||||
@ -180,9 +193,11 @@ BOOL trustdom_cache_fetch(const char* name, DOM_SID* sid)
|
||||
/* convert ip string representation into in_addr structure */
|
||||
if(! string_to_sid(sid, value)) {
|
||||
sid = NULL;
|
||||
SAFE_FREE(value);
|
||||
return False;
|
||||
}
|
||||
|
||||
SAFE_FREE(value);
|
||||
return True;
|
||||
}
|
||||
|
||||
@ -193,7 +208,7 @@ BOOL trustdom_cache_fetch(const char* name, DOM_SID* sid)
|
||||
|
||||
uint32 trustdom_cache_fetch_timestamp( void )
|
||||
{
|
||||
char *value;
|
||||
char *value = NULL;
|
||||
time_t timeout;
|
||||
uint32 timestamp;
|
||||
|
||||
@ -203,11 +218,13 @@ uint32 trustdom_cache_fetch_timestamp( void )
|
||||
|
||||
if (!gencache_get(TDOMTSKEY, &value, &timeout)) {
|
||||
DEBUG(5, ("no timestamp for trusted domain cache located.\n"));
|
||||
SAFE_FREE(value);
|
||||
return 0;
|
||||
}
|
||||
|
||||
timestamp = atoi(value);
|
||||
|
||||
SAFE_FREE(value);
|
||||
return timestamp;
|
||||
}
|
||||
|
||||
|
@ -1447,6 +1447,7 @@ static void init_globals(void)
|
||||
a large number of sites (tridge) */
|
||||
Globals.bHostnameLookups = False;
|
||||
|
||||
str_list_free(&Globals.szPassdbBackend);
|
||||
#ifdef WITH_LDAP_SAMCONFIG
|
||||
string_set(&Globals.szLdapServer, "localhost");
|
||||
Globals.ldap_port = 636;
|
||||
@ -2517,6 +2518,7 @@ static void copy_service(service * pserviceDest, service * pserviceSource, BOOL
|
||||
strupper_m(*(char **)dest_ptr);
|
||||
break;
|
||||
case P_LIST:
|
||||
str_list_free((char ***)dest_ptr);
|
||||
str_list_copy((char ***)dest_ptr, *(const char ***)src_ptr);
|
||||
break;
|
||||
default:
|
||||
@ -2748,6 +2750,7 @@ static BOOL handle_netbios_scope(int snum, const char *pszParmValue, char **ptr)
|
||||
|
||||
static BOOL handle_netbios_aliases(int snum, const char *pszParmValue, char **ptr)
|
||||
{
|
||||
str_list_free(&Globals.szNetbiosAliases);
|
||||
Globals.szNetbiosAliases = str_list_make(pszParmValue, NULL);
|
||||
return set_netbios_aliases((const char **)Globals.szNetbiosAliases);
|
||||
}
|
||||
|
@ -1118,6 +1118,7 @@ static BOOL close_internal_rpc_pipe_hnd(void *np_conn)
|
||||
data_blob_free(&p->session_key);
|
||||
|
||||
delete_nt_token(&p->pipe_user.nt_user_token);
|
||||
data_blob_free(&p->session_key);
|
||||
SAFE_FREE(p->pipe_user.groups);
|
||||
|
||||
DLIST_REMOVE(InternalPipes, p);
|
||||
|
@ -2110,8 +2110,10 @@ static canon_ace *canonicalise_acl( files_struct *fsp, SMB_ACL_T posix_acl, SMB_
|
||||
* entries out of the blue when setting ACLs, so a get/set
|
||||
* cycle will drop them.
|
||||
*/
|
||||
if (the_acl_type == SMB_ACL_TYPE_ACCESS && *puid == psbuf->st_uid)
|
||||
if (the_acl_type == SMB_ACL_TYPE_ACCESS && *puid == psbuf->st_uid) {
|
||||
SMB_VFS_SYS_ACL_FREE_QUALIFIER(conn, (void *)puid,tagtype);
|
||||
continue;
|
||||
}
|
||||
uid_to_sid( &sid, *puid);
|
||||
unix_ug.uid = *puid;
|
||||
owner_type = UID_ACE;
|
||||
|
@ -150,7 +150,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
|
||||
DATA_BLOB auth_data;
|
||||
DATA_BLOB ap_rep, ap_rep_wrapped, response;
|
||||
auth_serversupplied_info *server_info = NULL;
|
||||
DATA_BLOB session_key;
|
||||
DATA_BLOB session_key = data_blob(NULL, 0);
|
||||
uint8 tok_id[2];
|
||||
BOOL foreign = False;
|
||||
DATA_BLOB nullblob = data_blob(NULL, 0);
|
||||
@ -183,6 +183,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
|
||||
if (!p) {
|
||||
DEBUG(3,("Doesn't look like a valid principal\n"));
|
||||
data_blob_free(&ap_rep);
|
||||
data_blob_free(&session_key);
|
||||
SAFE_FREE(client);
|
||||
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
|
||||
}
|
||||
@ -192,6 +193,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
|
||||
DEBUG(3,("Ticket for foreign realm %s@%s\n", client, p+1));
|
||||
if (!lp_allow_trusted_domains()) {
|
||||
data_blob_free(&ap_rep);
|
||||
data_blob_free(&session_key);
|
||||
SAFE_FREE(client);
|
||||
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
|
||||
}
|
||||
@ -249,6 +251,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
|
||||
SAFE_FREE(user);
|
||||
SAFE_FREE(client);
|
||||
data_blob_free(&ap_rep);
|
||||
data_blob_free(&session_key);
|
||||
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
|
||||
}
|
||||
|
||||
@ -263,6 +266,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
|
||||
SAFE_FREE(user);
|
||||
SAFE_FREE(client);
|
||||
data_blob_free(&ap_rep);
|
||||
data_blob_free(&session_key);
|
||||
return ERROR_NT(ret);
|
||||
}
|
||||
|
||||
@ -274,6 +278,8 @@ static int reply_spnego_kerberos(connection_struct *conn,
|
||||
}
|
||||
|
||||
/* register_vuid keeps the server info */
|
||||
/* register_vuid takes ownership of session_key, no need to free after this.
|
||||
A better interface would copy it.... */
|
||||
sess_vuid = register_vuid(server_info, session_key, nullblob, client);
|
||||
|
||||
SAFE_FREE(user);
|
||||
|
Loading…
Reference in New Issue
Block a user