Commit https://github.com/samba-team/samba/commit/847208cd8ac68c4c7d1dae63767820db1c69292b introduced the following code in lib/util/util_paths.c: buf = talloc_size(mem_ctx, len); if (buf == NULL) { return NULL; } rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf); if (rc != 0 || pwdbuf == NULL ) { const char *szPath = getenv("HOME"); if (szPath == NULL) { goto done; } len = strnlen(szPath, PATH_MAX); if (len >= PATH_MAX) { return NULL; } out = talloc_strdup(mem_ctx, szPath); goto done; } out = talloc_strdup(mem_ctx, pwd.pw_dir); done: TALLOC_FREE(buf); return out; Should lines if (len >= PATH_MAX) { return NULL; } Look like if (len >= PATH_MAX) { goto done; } Or we can forget to free buf?
Yes, that looks correct - thanks !
Fixed in Samba 4.14 with aa4d135710e0fdcf92f522b3c6228717105c0775.