Attachment 13740 Details for Bug 13101 – patch for 4.7

[patch] patch for 4.7

resource_leaks_4-7.patch (text/plain), 6.48 KB, created by Andreas Schneider on 2017-10-30 15:10:17 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Andreas Schneider

Created: 2017-10-30 15:10:17 UTC

Size: 6.48 KB

patch

obsolete

>From 8e327339e08f4422a2889e64c0cba0b7a77f5cb7 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@samba.org>
>Date: Wed, 25 Oct 2017 19:30:28 +0200
>Subject: [PATCH 1/4] s3:secrets: Do not leak memory of pw and old_pw
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
>
>Signed-off-by: Andreas Schneider <asn@samba.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit d6a418c13f0a41851ecc0579765502e076a5cd3b)
>---
> source3/passdb/machine_account_secrets.c | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
>diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c
>index 5a0f7a8405c..fbc87c5619c 100644
>--- a/source3/passdb/machine_account_secrets.c
>+++ b/source3/passdb/machine_account_secrets.c
>@@ -1367,6 +1367,8 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain,
> 		DBG_ERR("secrets_fetch_domain_sid(%s) failed\n",
> 			domain);
> 		dbwrap_transaction_cancel(db);
>+		SAFE_FREE(old_pw);
>+		SAFE_FREE(pw);
> 		TALLOC_FREE(frame);
> 		return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
> 	}
>@@ -1381,6 +1383,8 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain,
> 	if (info->account_name == NULL) {
> 		DBG_ERR("talloc_asprintf(%s$) failed\n", info->computer_name);
> 		dbwrap_transaction_cancel(db);
>+		SAFE_FREE(old_pw);
>+		SAFE_FREE(pw);
> 		TALLOC_FREE(frame);
> 		return NT_STATUS_NO_MEMORY;
> 	}
>@@ -1418,6 +1422,8 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain,
> 			DBG_ERR("talloc_asprintf(%s#%02X) failed\n",
> 				domain, NBT_NAME_PDC);
> 			dbwrap_transaction_cancel(db);
>+			SAFE_FREE(pw);
>+			SAFE_FREE(old_pw);
> 			TALLOC_FREE(frame);
> 			return NT_STATUS_NO_MEMORY;
> 		}
>@@ -1438,6 +1444,8 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain,
> 		p = kerberos_secrets_fetch_salt_princ();
> 		if (p == NULL) {
> 			dbwrap_transaction_cancel(db);
>+			SAFE_FREE(old_pw);
>+			SAFE_FREE(pw);
> 			TALLOC_FREE(frame);
> 			return NT_STATUS_INTERNAL_ERROR;
> 		}
>@@ -1445,6 +1453,8 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain,
> 		SAFE_FREE(p);
> 		if (info->salt_principal == NULL) {
> 			dbwrap_transaction_cancel(db);
>+			SAFE_FREE(pw);
>+			SAFE_FREE(old_pw);
> 			TALLOC_FREE(frame);
> 			return NT_STATUS_NO_MEMORY;
> 		}
>@@ -1459,6 +1469,7 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain,
> 						     info->salt_principal,
> 						     last_set_nt, server,
> 						     &info->password);
>+	SAFE_FREE(pw);
> 	if (!NT_STATUS_IS_OK(status)) {
> 		DBG_ERR("secrets_domain_info_password_create(pw) failed "
> 			"for %s - %s\n", domain, nt_errstr(status));
>@@ -1476,6 +1487,7 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain,
> 							     info->salt_principal,
> 							     0, server,
> 							     &info->old_password);
>+		SAFE_FREE(old_pw);
> 		if (!NT_STATUS_IS_OK(status)) {
> 			DBG_ERR("secrets_domain_info_password_create(old) failed "
> 				"for %s - %s\n", domain, nt_errstr(status));
>-- 
>2.14.3
>
>
>From 2c6943ec1c28b10fd2c95e85f58f879789e4c035 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@samba.org>
>Date: Wed, 25 Oct 2017 19:50:57 +0200
>Subject: [PATCH 2/4] s3:passdb: Make sure the salt is fully initialized before
> passing
>
>Otherwise the magic member is not initialized.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
>
>Signed-off-by: Andreas Schneider <asn@samba.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit 5274beba4cf722a34403dc07bf287815a6df6281)
>---
> source3/passdb/machine_account_secrets.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
>diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c
>index fbc87c5619c..75f31cb04e2 100644
>--- a/source3/passdb/machine_account_secrets.c
>+++ b/source3/passdb/machine_account_secrets.c
>@@ -1090,8 +1090,10 @@ static int secrets_domain_info_kerberos_keys(struct secrets_domain_info1_passwor
> 		return krb5_ret;
> 	}
> 
>-	salt.data = discard_const(salt_data);
>-	salt.length = strlen(salt_data);
>+	salt = (krb5_data) {
>+		.data = discard_const(salt_data),
>+		.length = strlen(salt_data),
>+	};
> 
> 	ok = convert_string_talloc(keys, CH_UTF16MUNGED, CH_UTF8,
> 				   p->cleartext_blob.data,
>-- 
>2.14.3
>
>
>From cd1e855e6fed6be416d86de81b0aa622b264ddfc Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@samba.org>
>Date: Wed, 25 Oct 2017 19:55:32 +0200
>Subject: [PATCH 3/4] s3:modules: Check correct variable for NULL in
> posixacl_xattr
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
>
>Signed-off-by: Andreas Schneider <asn@samba.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>
>Autobuild-User(master): Jeremy Allison <jra@samba.org>
>Autobuild-Date(master): Fri Oct 27 04:54:22 CEST 2017 on sn-devel-144
>
>(cherry picked from commit 327190893f5f3352a2e6abc4872b54092ee7de68)
>---
> source3/modules/posixacl_xattr.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/source3/modules/posixacl_xattr.c b/source3/modules/posixacl_xattr.c
>index 759d372facb..8f6f365bff9 100644
>--- a/source3/modules/posixacl_xattr.c
>+++ b/source3/modules/posixacl_xattr.c
>@@ -384,7 +384,7 @@ SMB_ACL_T posixacl_xattr_acl_get_file(vfs_handle_struct *handle,
> 		TALLOC_CTX *frame = talloc_stackframe();
> 		struct smb_filename *smb_fname_tmp =
> 			cp_smb_filename_nostream(frame, smb_fname);
>-		if (smb_fname == NULL) {
>+		if (smb_fname_tmp == NULL) {
> 			errno = ENOMEM;
> 			ret = -1;
> 		} else {
>-- 
>2.14.3
>
>
>From bd43c2c35e7a88fe6295e27c0c92eed37f8cfd13 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@samba.org>
>Date: Wed, 25 Oct 2017 19:25:20 +0200
>Subject: [PATCH 4/4] s4:pyparam: Fix resource leaks on error
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
>
>Signed-off-by: Andreas Schneider <asn@samba.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit e56626e864492831a3dbbca2d4fb8f3281547a90)
>---
> source4/param/pyparam.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
>diff --git a/source4/param/pyparam.c b/source4/param/pyparam.c
>index 713e608cf1b..f16c2c0b227 100644
>--- a/source4/param/pyparam.c
>+++ b/source4/param/pyparam.c
>@@ -331,6 +331,9 @@ static PyObject *py_lp_dump_a_parameter(PyObject *self, PyObject *args)
> 
> 	if (!ret) {
> 		PyErr_Format(PyExc_RuntimeError, "Parameter %s unknown for section %s", param_name, section_name);
>+		if (f != stdout) {
>+			fclose(f);
>+		}
> 		return NULL;
> 	}
> 
>@@ -479,6 +482,9 @@ static PyObject *py_lp_service_dump(PyObject *self, PyObject *args)
> 
> 	if (!PyObject_TypeCheck(py_default_service, &PyLoadparmService)) {
> 		PyErr_SetNone(PyExc_TypeError);
>+		if (f != stdout) {
>+			fclose(f);
>+		}
> 		return NULL;
> 	}
> 
>-- 
>2.14.3
>

Flags:

jra: review+

Actions: View

Attachments on bug 13101: 13740 | 13741