diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c index 04ee6ee62a8..5032ffd14cc 100644 --- a/source3/libads/krb5_setpw.c +++ b/source3/libads/krb5_setpw.c @@ -605,7 +605,13 @@ ADS_STATUS ads_krb5_set_password(const char *kdc_host, const char *princ, } realm++; - asprintf(&princ_name, "kadmin/changepw@%s", realm); + if (asprintf(&princ_name, "kadmin/changepw@%s", realm) == -1) { + krb5_cc_close(context, ccache); + krb5_free_context(context); + DEBUG(1,("asprintf failed\n")); + return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); + } + ret = smb_krb5_parse_name(context, princ_name, &creds.server); if (ret) { krb5_cc_close(context, ccache); @@ -736,8 +742,13 @@ static ADS_STATUS ads_krb5_chg_password(const char *kdc_host, krb5_get_init_creds_opt_set_proxiable(&opts, 0); /* We have to obtain an INITIAL changepw ticket for changing password */ - asprintf(&chpw_princ, "kadmin/changepw@%s", - (char *) krb5_princ_realm(context, princ)); + if (asprintf(&chpw_princ, "kadmin/changepw@%s", + (char *) krb5_princ_realm(context, princ)) == -1) { + krb5_free_context(context); + DEBUG(1,("ads_krb5_chg_password: asprintf fail\n")); + return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); + } + password = SMB_STRDUP(oldpw); ret = krb5_get_init_creds_password(context, &creds, princ, password, kerb_prompter, NULL, @@ -807,16 +818,14 @@ ADS_STATUS ads_set_machine_password(ADS_STRUCT *ads, as otherwise the server might end up setting the password for a user instead */ - asprintf(&principal, "%s@%s", machine_account, ads->config.realm); + if (asprintf(&principal, "%s@%s", machine_account, ads->config.realm) < 0) { + return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); + } status = ads_krb5_set_password(ads->auth.kdc_server, principal, password, ads->auth.time_offset); - free(principal); - + SAFE_FREE(principal); return status; } - - - #endif diff --git a/source3/passdb/login_cache.c b/source3/passdb/login_cache.c index 8222f77b952..4e14293e73b 100644 --- a/source3/passdb/login_cache.c +++ b/source3/passdb/login_cache.c @@ -35,14 +35,13 @@ bool login_cache_init(void) /* skip file open if it's already opened */ if (cache) return True; - asprintf(&cache_fname, "%s/%s", lp_lockdir(), LOGIN_CACHE_FILE); - if (cache_fname) - DEBUG(5, ("Opening cache file at %s\n", cache_fname)); - else { + if (asprintf(&cache_fname, "%s/%s", lp_lockdir(), LOGIN_CACHE_FILE) == -1) { DEBUG(0, ("Filename allocation failed.\n")); return False; } + DEBUG(5, ("Opening cache file at %s\n", cache_fname)); + cache = tdb_open_log(cache_fname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0644);