The branch, master has been updated
       via  536622e s4:dsdb/samdb/cracknames.c - fix another memory leak
       via  f156c34 s4:kdc/kpasswdd.c - fix memory leaks
       via  f1db3c5 s4:auth/gensec/gensec_krb5.c - fix/reorder memory free 
operations
       via  ee311be s4:auth/gensec/gensec_krb5.c - remove a pointless 
"nt_status" test
      from  3fb5ae6 s4:auth/kerberos/kerberos_pac.c - fix another memory leak 
regarding the KRB principal

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 536622e7d1b9944a4455be4d4c3e83146659acbb
Author: Matthias Dieter Wallnöfer <[email protected]>
Date:   Sat Dec 4 16:39:01 2010 +0100

    s4:dsdb/samdb/cracknames.c - fix another memory leak
    
    Autobuild-User: Matthias Dieter Wallnöfer <[email protected]>
    Autobuild-Date: Sat Dec  4 17:26:39 CET 2010 on sn-devel-104

commit f156c340b4283593c858a3ae6dc7ec9702381331
Author: Matthias Dieter Wallnöfer <[email protected]>
Date:   Sat Dec 4 16:38:45 2010 +0100

    s4:kdc/kpasswdd.c - fix memory leaks

commit f1db3c52de6e5a68efe697a9af3497251c30f8fb
Author: Matthias Dieter Wallnöfer <[email protected]>
Date:   Sat Dec 4 16:38:02 2010 +0100

    s4:auth/gensec/gensec_krb5.c - fix/reorder memory free operations
    
    To prevent memory leaks

commit ee311beabe0dd9f904f05a4c8d8bab065eda1fb7
Author: Matthias Dieter Wallnöfer <[email protected]>
Date:   Sat Dec 4 16:36:27 2010 +0100

    s4:auth/gensec/gensec_krb5.c - remove a pointless "nt_status" test
    
    There is no operation which sets the "nt_status" before the "if".

-----------------------------------------------------------------------

Summary of changes:
 source4/auth/gensec/gensec_krb5.c |   29 ++++++++++++++++++-----------
 source4/dsdb/samdb/cracknames.c   |    1 +
 source4/kdc/kpasswdd.c            |   17 +++++++++++++++--
 3 files changed, 34 insertions(+), 13 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/auth/gensec/gensec_krb5.c 
b/source4/auth/gensec/gensec_krb5.c
index b0ab3f6..fc96e38 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -153,6 +153,7 @@ static NTSTATUS gensec_krb5_start(struct gensec_security 
*gensec_security, bool
                                (struct sockaddr *) &ss,
                                sizeof(struct sockaddr_storage));
                if (socklen < 0) {
+                       talloc_free(gensec_krb5_state);
                        return NT_STATUS_INTERNAL_ERROR;
                }
                ret = 
krb5_sockaddr2address(gensec_krb5_state->smb_krb5_context->krb5_context,
@@ -175,6 +176,7 @@ static NTSTATUS gensec_krb5_start(struct gensec_security 
*gensec_security, bool
                                (struct sockaddr *) &ss,
                                sizeof(struct sockaddr_storage));
                if (socklen < 0) {
+                       talloc_free(gensec_krb5_state);
                        return NT_STATUS_INTERNAL_ERROR;
                }
                ret = 
krb5_sockaddr2address(gensec_krb5_state->smb_krb5_context->krb5_context,
@@ -633,6 +635,7 @@ static NTSTATUS gensec_krb5_session_info(struct 
gensec_security *gensec_security
                DEBUG(1, ("Unable to parse client principal: %s\n",
                          smb_get_krb5_error_message(context, 
                                                     ret, mem_ctx)));
+               krb5_free_principal(context, client_principal);
                talloc_free(mem_ctx);
                return NT_STATUS_NO_MEMORY;
        }
@@ -646,8 +649,9 @@ static NTSTATUS gensec_krb5_session_info(struct 
gensec_security *gensec_security
                          principal_string,
                          smb_get_krb5_error_message(context, 
                                                     ret, mem_ctx)));
-               krb5_free_principal(context, client_principal);
                free(principal_string);
+               krb5_free_principal(context, client_principal);
+               talloc_free(mem_ctx);
                return NT_STATUS_ACCESS_DENIED;
        } else if (ret) {
                /* NO pac */
@@ -664,29 +668,26 @@ static NTSTATUS gensec_krb5_session_info(struct 
gensec_security *gensec_security
                                                                                
             principal_string,
                                                                                
             NULL, &server_info);
                        if (!NT_STATUS_IS_OK(nt_status)) {
+                               free(principal_string);
+                               krb5_free_principal(context, client_principal);
                                talloc_free(mem_ctx);
                                return nt_status;
                        }
                } else {
                        DEBUG(1, ("Unable to find PAC in ticket from %s, 
failing to allow access\n",
                                  principal_string));
-                       return NT_STATUS_ACCESS_DENIED;
-               }
-
-               krb5_free_principal(context, client_principal);
-               free(principal_string);
-               
-               if (!NT_STATUS_IS_OK(nt_status)) {
+                       free(principal_string);
+                       krb5_free_principal(context, client_principal);
                        talloc_free(mem_ctx);
-                       return nt_status;
+                       return NT_STATUS_ACCESS_DENIED;
                }
        } else {
                /* Found pac */
                union netr_Validation validation;
-               free(principal_string);
 
                pac = data_blob_talloc(mem_ctx, pac_data.data, pac_data.length);
                if (!pac.data) {
+                       free(principal_string);
                        krb5_free_principal(context, client_principal);
                        talloc_free(mem_ctx);
                        return NT_STATUS_NO_MEMORY;
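Review bot: The cleanup sequence `free(principal_string); krb5_free_principal(context, client_principal); talloc_free(mem_ctx);` is now written out by hand on every error return in this hunk, and again in the hunks at `@@ -699` and `@@ -712`, so every future early return in gensec_krb5_session_info has to remember all three calls. This path processes tickets presented by clients, so a free forgotten on one failure branch becomes a per-request leak in a long-running server. I would set `nt_status` and `goto` a single cleanup label near the end of the function that performs the three frees, which leaves one place to audit. The function starts and ends outside the hunk, so whether the success path can share that label (mem_ctx may need to live longer there) has to be checked against the full body.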
@@ -699,9 +700,10 @@ static NTSTATUS gensec_krb5_session_info(struct 
gensec_security *gensec_security
                                                    NULL, 
gensec_krb5_state->keyblock,
                                                    client_principal,
                                                    
gensec_krb5_state->ticket->ticket.authtime, NULL);
-               krb5_free_principal(context, client_principal);
 
                if (!NT_STATUS_IS_OK(nt_status)) {
+                       free(principal_string);
+                       krb5_free_principal(context, client_principal);
                        talloc_free(mem_ctx);
                        return nt_status;
                }
@@ -712,11 +714,16 @@ static NTSTATUS gensec_krb5_session_info(struct 
gensec_security *gensec_security
                                                                 3, &validation,
                                                                 &server_info); 
                if (!NT_STATUS_IS_OK(nt_status)) {
+                       free(principal_string);
+                       krb5_free_principal(context, client_principal);
                        talloc_free(mem_ctx);
                        return nt_status;
                }
        }
 
+       free(principal_string);
+       krb5_free_principal(context, client_principal);
+
        /* references the server_info into the session_info */
        nt_status = gensec_generate_session_info(mem_ctx, gensec_security, 
server_info, &session_info);
 
diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index 0b7b6ed..1964e13 100644
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -649,6 +649,7 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, 
TALLOC_CTX *mem_ctx,
                                                      
strcspn(principal->name.name_string.val[1], "."));
                        if (computer_name == NULL) {
                                
krb5_free_principal(smb_krb5_context->krb5_context, principal);
+                               free(unparsed_name_short);
                                return WERR_NOMEM;
                        }
 
diff --git a/source4/kdc/kpasswdd.c b/source4/kdc/kpasswdd.c
index 7d7e98b..6f4c84b 100644
--- a/source4/kdc/kpasswdd.c
+++ b/source4/kdc/kpasswdd.c
@@ -300,16 +300,27 @@ static bool kpasswd_process_request(struct kdc_server 
*kdc,
 
                if ((chpw.targname && !chpw.targrealm)
                    || (!chpw.targname && chpw.targrealm)) {
+                       free_ChangePasswdDataMS(&chpw);
                        return kpasswdd_make_error_reply(kdc, mem_ctx,
                                                        KRB5_KPASSWD_MALFORMED,
                                                        "Realm and principal 
must be both present, or neither present",
                                                        reply);
                }
                if (chpw.targname && chpw.targrealm) {
-                       
krb5_build_principal_ext(kdc->smb_krb5_context->krb5_context,
-                                                &principal, 
strlen(*chpw.targrealm), *chpw.targrealm, 0);
+                       ret = 
krb5_build_principal_ext(kdc->smb_krb5_context->krb5_context,
+                                                      &principal,
+                                                      strlen(*chpw.targrealm),
+                                                      *chpw.targrealm, 0);
+                       if (ret) {
+                               free_ChangePasswdDataMS(&chpw);
+                               return kpasswdd_make_error_reply(kdc, mem_ctx,
+                                                               
KRB5_KPASSWD_MALFORMED,
+                                                               "failed to get 
principal",
+                                                               reply);
+                       }
                        if (copy_PrincipalName(chpw.targname, 
&principal->name)) {
                                free_ChangePasswdDataMS(&chpw);
+                               krb5_free_principal(context, principal);
                                return kpasswdd_make_error_reply(kdc, mem_ctx,
                                                                
KRB5_KPASSWD_MALFORMED,
                                                                "failed to 
extract principal to set",
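Review bot: The new `if (ret)` branch after `krb5_build_principal_ext()` replies with `KRB5_KPASSWD_MALFORMED`, but a failure to build the principal is presumably a server-side condition such as an allocation failure rather than a defect in the client's request. `KRB5_KPASSWD_HARDERROR`, which this function already uses for the database-open failure, looks like the more accurate code, and logging `ret` before replying would keep the cause visible to the operator. Separately, the added `krb5_free_principal(context, principal);` uses a `context` variable that is not declared in the hunk, while the call a few lines above spells it `kdc->smb_krb5_context->krb5_context`. If `context` is a local alias declared outside the hunk, use one spelling throughout. kpasswd_process_request starts and ends outside the hunk.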
@@ -349,6 +360,7 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
 
                samdb = samdb_connect(mem_ctx, kdc->task->event_ctx, 
kdc->task->lp_ctx, session_info, 0);
                if (!samdb) {
+                       free(set_password_on_princ);
                        return kpasswdd_make_error_reply(kdc, mem_ctx,
                                                         KRB5_KPASSWD_HARDERROR,
                                                         "Unable to open 
database!",
@@ -362,6 +374,7 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
                          set_password_on_princ));
                ret = ldb_transaction_start(samdb);
                if (ret != LDB_SUCCESS) {
+                       free(set_password_on_princ);
                        status = NT_STATUS_TRANSACTION_ABORTED;
                        return kpasswd_make_pwchange_reply(kdc, mem_ctx,
                                                           status,


-- 
Samba Shared Repository
