sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-27 14:04:05 +03:00
Code

libcli/security: avoid leak in calculate_inherited_from_parent()

Browse Source 
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Douglas Bagnall 2023-07-21 14:35:45 +12:00 committed by Andrew Bartlett
parent 26722348b9
commit c1621d3492
1 changed files with 17 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
libcli/security/create_descriptor.c
View File

@ -145,15 +145,21 @@ static struct security_acl *calculate_inherited_from_parent(TALLOC_CTX *mem_ctx,
struct GUID *object_list)
{
uint32_t i;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
struct security_acl *tmp_acl = talloc_zero(mem_ctx, struct security_acl);
if (!tmp_acl) {
return NULL;
}
TALLOC_CTX *tmp_ctx = NULL;
struct security_acl *tmp_acl = NULL;
if (!acl) {
return NULL;
}
tmp_ctx = talloc_new(mem_ctx);
if (!tmp_ctx) {
return NULL;
}
tmp_acl = talloc_zero(mem_ctx, struct security_acl);
if (!tmp_acl) {
TALLOC_FREE(tmp_ctx);
return NULL;
}
for (i=0; i < acl->num_aces; i++) {
const struct security_ace *ace = &acl->aces[i];
@ -268,6 +274,7 @@ static struct security_acl *calculate_inherited_from_parent(TALLOC_CTX *mem_ctx,
tmp_acl->num_aces+1);
if (tmp_acl->aces == NULL) {
talloc_free(tmp_ctx);
TALLOC_FREE(tmp_acl);
return NULL;
}
@ -340,7 +347,8 @@ static struct security_acl *calculate_inherited_from_parent(TALLOC_CTX *mem_ctx,
struct security_ace,
tmp_acl->num_aces+1);
if (tmp_acl->aces == NULL) {
talloc_free(tmp_ctx);
TALLOC_FREE(tmp_ctx);
TALLOC_FREE(tmp_acl);
return NULL;
}
@ -363,11 +371,14 @@ static struct security_acl *calculate_inherited_from_parent(TALLOC_CTX *mem_ctx,
}
}
if (tmp_acl->num_aces == 0) {
TALLOC_FREE(tmp_ctx);
TALLOC_FREE(tmp_acl);
return NULL;
}
if (acl) {
tmp_acl->revision = acl->revision;
}
TALLOC_FREE(tmp_ctx);
return tmp_acl;
}