From a28cdd6e742cb72a728bd337546ee95fd4160ed8 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 13 Dec 2006 16:39:50 +0000 Subject: [PATCH] r20150: better memory handling for some functions, make sure we don't leak memory by using the wrong(long lived) mem context --- source/nsswitch/idmap_rid.c | 40 ++++++++++++++++++++++---------- source/nsswitch/winbindd_async.c | 4 ++-- source/nsswitch/winbindd_group.c | 4 ++-- source/nsswitch/winbindd_util.c | 4 +++- source/script/tests/selftest.sh | 6 +++-- 5 files changed, 39 insertions(+), 19 deletions(-) diff --git a/source/nsswitch/idmap_rid.c b/source/nsswitch/idmap_rid.c index 0cbfd75196a..bbba1bd0111 100644 --- a/source/nsswitch/idmap_rid.c +++ b/source/nsswitch/idmap_rid.c @@ -81,12 +81,12 @@ failed: return ret; } -static NTSTATUS idmap_rid_id_to_sid(struct idmap_rid_context *ctx, struct id_map *map) +static NTSTATUS idmap_rid_id_to_sid(TALLOC_CTX *memctx, struct idmap_rid_context *ctx, struct id_map *map) { char *domname, *name; enum lsa_SidType sid_type; - if (!ctx || !map) { + if (!memctx || !ctx || !map) { return NT_STATUS_INVALID_PARAMETER; } @@ -99,7 +99,7 @@ static NTSTATUS idmap_rid_id_to_sid(struct idmap_rid_context *ctx, struct id_map sid_compose(map->sid, &ctx->dom_sid, map->xid.id - ctx->low_id + ctx->base_rid); - if (winbindd_lookup_name_by_sid(ctx, map->sid, &domname, &name, &sid_type)) { + if (winbindd_lookup_name_by_sid(memctx, map->sid, &domname, &name, &sid_type)) { switch (sid_type) { case SID_NAME_USER: if (map->xid.type != ID_TYPE_UID) { @@ -136,13 +136,13 @@ static NTSTATUS idmap_rid_id_to_sid(struct idmap_rid_context *ctx, struct id_map Single sid to id lookup function. **********************************/ -static NTSTATUS idmap_rid_sid_to_id(struct idmap_rid_context *ctx, struct id_map *map) +static NTSTATUS idmap_rid_sid_to_id(TALLOC_CTX *memctx, struct idmap_rid_context *ctx, struct id_map *map) { char *domname, *name; enum lsa_SidType sid_type; uint32_t rid; - if (!ctx || !map) { + if (!memctx || !ctx || !map) { return NT_STATUS_INVALID_PARAMETER; } @@ -150,7 +150,7 @@ static NTSTATUS idmap_rid_sid_to_id(struct idmap_rid_context *ctx, struct id_map map->xid.id = rid - ctx->base_rid + ctx->low_id; /* check if this is a valid SID and set the type */ - if (winbindd_lookup_name_by_sid(ctx, map->sid, &domname, &name, &sid_type)) { + if (winbindd_lookup_name_by_sid(memctx, map->sid, &domname, &name, &sid_type)) { switch (sid_type) { case SID_NAME_USER: map->xid.type = ID_TYPE_UID; @@ -188,17 +188,24 @@ static NTSTATUS idmap_rid_sid_to_id(struct idmap_rid_context *ctx, struct id_map static NTSTATUS idmap_rid_unixids_to_sids(struct idmap_domain *dom, struct id_map **ids) { - struct idmap_rid_context *ctx; + struct idmap_rid_context *ridctx; + TALLOC_CTX *ctx; NTSTATUS ret; int i; - ctx = talloc_get_type(dom->private_data, struct idmap_rid_context); + ridctx = talloc_get_type(dom->private_data, struct idmap_rid_context); + + ctx = talloc_new(dom); + if ( ! ctx) { + DEBUG(0, ("Out of memory!\n")); + return NT_STATUS_NO_MEMORY; + } for (i = 0; ids[i]; i++) { /* make sure it is marked as unmapped before resolveing */ ids[i]->mapped = False; - ret = idmap_rid_id_to_sid(ctx, ids[i]); + ret = idmap_rid_id_to_sid(ctx, ridctx, ids[i]); if (( ! NT_STATUS_IS_OK(ret)) && ( ! NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED))) { @@ -207,6 +214,7 @@ static NTSTATUS idmap_rid_unixids_to_sids(struct idmap_domain *dom, struct id_ma } } + talloc_free(ctx); return NT_STATUS_OK; } @@ -216,17 +224,24 @@ static NTSTATUS idmap_rid_unixids_to_sids(struct idmap_domain *dom, struct id_ma static NTSTATUS idmap_rid_sids_to_unixids(struct idmap_domain *dom, struct id_map **ids) { - struct idmap_rid_context *ctx; + struct idmap_rid_context *ridctx; + TALLOC_CTX *ctx; NTSTATUS ret; int i; - ctx = talloc_get_type(dom->private_data, struct idmap_rid_context); + ridctx = talloc_get_type(dom->private_data, struct idmap_rid_context); + + ctx = talloc_new(dom); + if ( ! ctx) { + DEBUG(0, ("Out of memory!\n")); + return NT_STATUS_NO_MEMORY; + } for (i = 0; ids[i]; i++) { /* make sure it is marked as unmapped before resolveing */ ids[i]->mapped = False; - ret = idmap_rid_sid_to_id(ctx, ids[i]); + ret = idmap_rid_sid_to_id(ctx, ridctx, ids[i]); if (( ! NT_STATUS_IS_OK(ret)) && ( ! NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED))) { @@ -236,6 +251,7 @@ static NTSTATUS idmap_rid_sids_to_unixids(struct idmap_domain *dom, struct id_ma } } + talloc_free(ctx); return NT_STATUS_OK; } diff --git a/source/nsswitch/winbindd_async.c b/source/nsswitch/winbindd_async.c index 4df0bb5ba79..09426973e81 100644 --- a/source/nsswitch/winbindd_async.c +++ b/source/nsswitch/winbindd_async.c @@ -738,8 +738,8 @@ enum winbindd_result winbindd_dual_lookupsid(struct winbindd_domain *domain, { enum lsa_SidType type; DOM_SID sid; - char *name = NULL; - char *dom_name = NULL; + char *name; + char *dom_name; /* Ensure null termination */ state->request.data.sid[sizeof(state->request.data.sid)-1]='\0'; diff --git a/source/nsswitch/winbindd_group.c b/source/nsswitch/winbindd_group.c index 18a7be29de4..612147043e6 100644 --- a/source/nsswitch/winbindd_group.c +++ b/source/nsswitch/winbindd_group.c @@ -442,8 +442,8 @@ static void getgrgid_got_sid(struct winbindd_cli_state *state, DOM_SID group_sid { struct winbindd_domain *domain; enum lsa_SidType name_type; - char *dom_name = NULL; - char *group_name = NULL; + char *dom_name; + char *group_name; size_t gr_mem_len; size_t num_gr_mem; char *gr_mem; diff --git a/source/nsswitch/winbindd_util.c b/source/nsswitch/winbindd_util.c index e4b51019aa7..6f15908687b 100644 --- a/source/nsswitch/winbindd_util.c +++ b/source/nsswitch/winbindd_util.c @@ -718,6 +718,9 @@ BOOL winbindd_lookup_name_by_sid(TALLOC_CTX *mem_ctx, NTSTATUS result; struct winbindd_domain *domain; + *dom_name = NULL; + *name = NULL; + domain = find_lookup_domain_from_sid(sid); if (!domain) { @@ -736,7 +739,6 @@ BOOL winbindd_lookup_name_by_sid(TALLOC_CTX *mem_ctx, } *type = SID_NAME_UNKNOWN; - *name = talloc_strdup(mem_ctx, name_deadbeef); return False; } diff --git a/source/script/tests/selftest.sh b/source/script/tests/selftest.sh index f4dcee1a7d4..5ec96f63e28 100755 --- a/source/script/tests/selftest.sh +++ b/source/script/tests/selftest.sh @@ -95,8 +95,6 @@ cat >$COMMONCONFFILE<$CONFFILE<$SAMBA4CONFFILE<$SERVERCONFFILE<