The Samba-Bugzilla – Attachment 7048 Details for
Bug 8562
talloc: double free error
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patches for v3-5-test
tmp35.diff (text/plain), 4.41 KB, created by
Stefan Metzmacher
on 2011-11-02 10:09:26 UTC
(
hide
)
Description:
Patches for v3-5-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2011-11-02 10:09:26 UTC
Size:
4.41 KB
patch
obsolete
>From 2f6476817051bf89028d78aa8d520f3087f6cbd2 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 2 Nov 2011 10:55:27 +0100 >Subject: [PATCH 1/3] libcli/auth: debug the given computer name creds might be NULL > >metze >--- > libcli/auth/schannel_state_tdb.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > >diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c >index 7ec8b3f..12c1c5b 100644 >--- a/libcli/auth/schannel_state_tdb.c >+++ b/libcli/auth/schannel_state_tdb.c >@@ -193,7 +193,7 @@ NTSTATUS schannel_creds_server_step_check_tdb(struct tdb_context *tdb, > if (schannel_required_for_call && !schannel_in_use) { > DEBUG(0,("schannel_creds_server_step_check_tdb: " > "client %s not using schannel for netlogon, despite negotiating it\n", >- creds->computer_name )); >+ computer_name)); > tdb_transaction_cancel(tdb); > return NT_STATUS_ACCESS_DENIED; > } >-- >1.7.4.1 > > >From ff35bd666fcef5f1d277079488c3241261cf2cac Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 2 Nov 2011 10:57:09 +0100 >Subject: [PATCH 2/3] libcli/auth: only expose creds to the caller on success > >metze >--- > libcli/auth/schannel_state_tdb.c | 7 ++++--- > 1 files changed, 4 insertions(+), 3 deletions(-) > >diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c >index 12c1c5b..eded80f 100644 >--- a/libcli/auth/schannel_state_tdb.c >+++ b/libcli/auth/schannel_state_tdb.c >@@ -169,7 +169,7 @@ NTSTATUS schannel_creds_server_step_check_tdb(struct tdb_context *tdb, > struct netr_Authenticator *return_authenticator, > struct netlogon_creds_CredentialState **creds_out) > { >- struct netlogon_creds_CredentialState *creds; >+ struct netlogon_creds_CredentialState *creds = NULL; > NTSTATUS status; > int ret; > >@@ -194,6 +194,7 @@ NTSTATUS schannel_creds_server_step_check_tdb(struct tdb_context *tdb, > DEBUG(0,("schannel_creds_server_step_check_tdb: " > "client %s not using schannel for netlogon, despite negotiating it\n", > computer_name)); >+ TALLOC_FREE(creds); > tdb_transaction_cancel(tdb); > return NT_STATUS_ACCESS_DENIED; > } >@@ -211,12 +212,12 @@ NTSTATUS schannel_creds_server_step_check_tdb(struct tdb_context *tdb, > if (NT_STATUS_IS_OK(status)) { > tdb_transaction_commit(tdb); > if (creds_out) { >- *creds_out = creds; >- talloc_steal(mem_ctx, creds); >+ *creds_out = talloc_move(mem_ctx, &creds); > } > } else { > tdb_transaction_cancel(tdb); > } > >+ TALLOC_FREE(creds); > return status; > } >-- >1.7.4.1 > > >From dcefc0ed7e9d90c1747be9c19facd7e2aa3e45da Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 2 Nov 2011 10:58:26 +0100 >Subject: [PATCH 3/3] s3:rpc_server/srv_netlogon: make sure we don't use an unitialized variable > >metze >--- > source3/rpc_server/srv_netlog_nt.c | 12 ++++++++++-- > 1 files changed, 10 insertions(+), 2 deletions(-) > >diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c >index 1ebe361..972d902 100644 >--- a/source3/rpc_server/srv_netlog_nt.c >+++ b/source3/rpc_server/srv_netlog_nt.c >@@ -977,7 +977,7 @@ NTSTATUS _netr_ServerPasswordSet2(pipes_struct *p, > struct netr_ServerPasswordSet2 *r) > { > NTSTATUS status; >- struct netlogon_creds_CredentialState *creds; >+ struct netlogon_creds_CredentialState *creds = NULL; > struct samu *sampass; > DATA_BLOB plaintext; > struct samr_CryptPassword password_buf; >@@ -992,9 +992,15 @@ NTSTATUS _netr_ServerPasswordSet2(pipes_struct *p, > unbecome_root(); > > if (!NT_STATUS_IS_OK(status)) { >+ const char *computer_name = "<unknown>"; >+ >+ if (creds && creds->computer_name) { >+ computer_name = creds->computer_name; >+ } >+ > DEBUG(2,("_netr_ServerPasswordSet2: netlogon_creds_server_step " > "failed. Rejecting auth request from client %s machine account %s\n", >- r->in.computer_name, creds->computer_name)); >+ r->in.computer_name, computer_name)); > TALLOC_FREE(creds); > return status; > } >@@ -1004,6 +1010,7 @@ NTSTATUS _netr_ServerPasswordSet2(pipes_struct *p, > netlogon_creds_arcfour_crypt(creds, password_buf.data, 516); > > if (!extract_pw_from_buffer(p->mem_ctx, password_buf.data, &plaintext)) { >+ TALLOC_FREE(creds); > return NT_STATUS_WRONG_PASSWORD; > } > >@@ -1012,6 +1019,7 @@ NTSTATUS _netr_ServerPasswordSet2(pipes_struct *p, > status = netr_find_machine_account(p->mem_ctx, > creds->account_name, > &sampass); >+ TALLOC_FREE(creds); > if (!NT_STATUS_IS_OK(status)) { > return status; > } >-- >1.7.4.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=7048">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
gd
:
review+
bjacke
:
review+
Actions:
View
Attachments on
bug 8562
: 7048 |
7060