Bug 14544 - lpcfg_dump_a_parameter doesn't free temporary string allocated under loadparm context
Summary: lpcfg_dump_a_parameter doesn't free temporary string allocated under loadparm...
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: 4.12.7
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jeremy Allison
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-10-21 12:16 UTC by Andrew Walker
Modified: 2020-10-22 01:32 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Walker 2020-10-21 12:16:25 UTC
This is fairly low priority. I was experimenting with pyparam / talloc and noticed the following behavior:

```
>>> talloc.report_full(a)
full talloc report on 'struct loadparm_context' (total    166 bytes in   5 blocks)
    /usr/local/etc/smb4.conf       contains     25 bytes in   1 blocks (ref 0) 0x800a49060
    passdb backend                 contains     15 bytes in   1 blocks (ref 0) 0x800a74f00
    passdb backend                 contains     15 bytes in   1 blocks (ref 0) 0x800a74020
    passbd backend                 contains     15 bytes in   1 blocks (ref 0) 0x800a730d0
>>> a.dump_a_parameter('passdb backend')
tdbsam
>>> talloc.report_full(a)
full talloc report on 'struct loadparm_context' (total    181 bytes in   6 blocks)
    passdb backend                 contains     15 bytes in   1 blocks (ref 0) 0x800a75440
    /usr/local/etc/smb4.conf       contains     25 bytes in   1 blocks (ref 0) 0x800a49060
    passdb backend                 contains     15 bytes in   1 blocks (ref 0) 0x800a74f00
    passdb backend                 contains     15 bytes in   1 blocks (ref 0) 0x800a74020
    passbd backend                 contains     15 bytes in   1 blocks (ref 0) 0x800a730d0
```
Obviously this is a minor issue because the get() method is probably more appropriate in most circumstances.

lpcfg_dump_a_parameter() calls talloc_strdup() for the parm_name passed into it so that we can check whether it's a parametric entry. Memory is allocated under the loadparm context passed into the function.

Primary consumer of this is "testparm" command and so the context is short-lived in the typical use-case, but this is also exposed via pyparam and so the loadparm context may be somewhat longer-lived depending on how it is being used.

Will attach gitlab MR for fix as comment.
Comment 1 Andrew Walker 2020-10-21 12:19:51 UTC
MR: https://gitlab.com/samba-team/samba/-/merge_requests/1627
Comment 2 Jeremy Allison 2020-10-21 17:14:54 UTC
Yep. Completely correct. Waiting for second Team reviewer.
Comment 3 Samba QA Contact 2020-10-22 00:31:14 UTC
This bug was referenced in samba master:

3b2a9083f8ea7758ab545ff82578ba35e1f05679