Bug 14441 - Do we miss free in lib/util/util_paths.c?
Summary: Do we miss free in lib/util/util_paths.c?
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-07-13 13:46 UTC by Alexander Pyhalov
Modified: 2020-07-13 17:09 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Pyhalov 2020-07-13 13:46:56 UTC
Commit https://github.com/samba-team/samba/commit/847208cd8ac68c4c7d1dae63767820db1c69292b introduced the following code in lib/util/util_paths.c:


        buf = talloc_size(mem_ctx, len);
	if (buf == NULL) {
		return NULL;
	}

	rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf);
	if (rc != 0 || pwdbuf == NULL ) {
		const char *szPath = getenv("HOME");
		if (szPath == NULL) {
			goto done;
		}
		len = strnlen(szPath, PATH_MAX);
		if (len >= PATH_MAX) {
			return NULL;
		}
		out = talloc_strdup(mem_ctx, szPath);
		goto done;
	}

	out = talloc_strdup(mem_ctx, pwd.pw_dir);
done:
	TALLOC_FREE(buf);
	return out;


Should lines 

                if (len >= PATH_MAX) {
			return NULL;
		}

Look like 

                if (len >= PATH_MAX) {
			goto done;
		}
		
		
Or we can forget to free buf?
Comment 1 Jeremy Allison 2020-07-13 17:09:29 UTC
Yes, that looks correct - thanks !