The branch, v4-0-test has been updated
via 51e2615 s4-libcli: Check return value of smbcli_request_setup().
Reviewed-by: Alexander Bokovoy <a...@samba.org>
via f589262 pyauth: Check return value of lpcfg_from_py_object().
Reviewed-by: Alexander Bokovoy <a...@samba.org>
via 56af551 s4-libcli: Check return code of smbcli_request_setup().
Reviewed-by: Alexander Bokovoy <a...@samba.org>
via dc04531 librpc: Add NULL check for ndr functions for epm bindings.
via a925c14 s3-tldap: Make sure we don't deref a null pointer.
Reviewed-by: Alexander Bokovoy <a...@samba.org>
via 5114983 nmbd: Fix request data data processing.
via 5d401e5 libsmb: Fix possible null pointer dereference. Reviewed-by:
Alexander Bokovoy <a...@samba.org>
via 72e902a pdb: Fix array overrun by one. Reviewed-by: Alexander
Bokovoy <a...@samba.org>
via 55fdc89 s3-spoolss: Don't leak memory. Reviewed-by: Alexander
Bokovoy <a...@samba.org>
via 5eaca8f s3-rpc_server: Make sure that fd is really closed on error.
Reviewed-by: Alexander Bokovoy <a...@samba.org>
via bd76950 lib-util: Don't leak file descriptor on error. Reviewed-by:
Alexander Bokovoy <a...@samba.org>
via 22928b0 s3-vfs: Don't leak file descriptor on error. Reviewed-by:
Alexander Bokovoy <a...@samba.org>
via 7e9cfa8 s3-libsmb: Don't leak memory on error. Reviewed-by:
Alexander Bokovoy <a...@samba.org>
via 53538f6 winbind: Don't leak centry memory. Reviewed-by: Alexander
Bokovoy <a...@samba.org>
via 7d2d82a winbind: Don't leak memory on return. Reviewed-by:
Alexander Bokovoy <a...@samba.org>
via 2805032 s3-smbd: Don't leak subcntarr array. Reviewed-by: Alexander
Bokovoy <a...@samba.org>
via 6b9a239 s3-vfs: Don't leak file descriptor. Reviewed-by: Alexander
Bokovoy <a...@samba.org>
via 3461b09 s3-param: Don't leak file descriptor. Reviewed-by:
Alexander Bokovoy <a...@samba.org>
via 2b19732 s3-lsasd: Don't leak file descriptors. Reviewed-by:
Alexander Bokovoy <a...@samba.org>
from 20cb7de Fix bug #9674 - Samba denies owner Read Control when there
is a DENY entry while W2K08 does not.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit 51e2615473110637f574f11f96c6ce2483eaf021
Author: Andreas Schneider <a...@samba.org>
Date: Tue Feb 19 09:00:51 2013 +0100
s4-libcli: Check return value of smbcli_request_setup(). Reviewed-by:
Alexander Bokovoy <a...@samba.org>
The last 7 patches address bug #9687 - Fix several possible null pointer
dereferences.
Autobuild-User(v4-0-test): Karolin Seeger <ksee...@samba.org>
Autobuild-Date(v4-0-test): Wed Feb 27 13:21:07 CET 2013 on sn-devel-104
commit f58926214da4e974d27b7a478e077848bce7982a
Author: Andreas Schneider <a...@samba.org>
Date: Tue Feb 19 08:58:00 2013 +0100
pyauth: Check return value of lpcfg_from_py_object(). Reviewed-by:
Alexander Bokovoy <a...@samba.org>
commit 56af551da8066c5b21a0c3fba705543f76900355
Author: Andreas Schneider <a...@samba.org>
Date: Mon Feb 18 18:00:38 2013 +0100
s4-libcli: Check return code of smbcli_request_setup(). Reviewed-by:
Alexander Bokovoy <a...@samba.org>
commit dc04531aabbd4e965e156e3650860efe6a1ebb34
Author: Andreas Schneider <a...@samba.org>
Date: Mon Feb 18 17:32:28 2013 +0100
librpc: Add NULL check for ndr functions for epm bindings.
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit a925c141ca753a67b480618f1ab8481de9f6d68a
Author: Andreas Schneider <a...@samba.org>
Date: Mon Feb 18 17:30:19 2013 +0100
s3-tldap: Make sure we don't deref a null pointer. Reviewed-by: Alexander
Bokovoy <a...@samba.org>
commit 511498348417ed5957c7d11463721f6cfc4f7b4b
Author: Andreas Schneider <a...@samba.org>
Date: Mon Feb 18 17:21:31 2013 +0100
nmbd: Fix request data data processing.
answers->rdata is an array and will never be NULL.
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit 5d401e55b772648cce0e96d8e6a2c8e6ebbd7875
Author: Andreas Schneider <a...@samba.org>
Date: Mon Feb 18 17:11:15 2013 +0100
libsmb: Fix possible null pointer dereference. Reviewed-by: Alexander
Bokovoy <a...@samba.org>
commit 72e902a8c70955709c91af51083471cae76b3672
Author: Andreas Schneider <a...@samba.org>
Date: Tue Feb 19 09:23:53 2013 +0100
pdb: Fix array overrun by one. Reviewed-by: Alexander Bokovoy
<a...@samba.org>
Signed-off-by: Andreas Schneider <a...@samba.org>
Fix bug #9686 - Fix a possible buffer overrun in pdb_smbpasswd.
commit 55fdc89aac7a5344e77759821579d40cc67aa67b
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 09:06:51 2013 +0100
s3-spoolss: Don't leak memory. Reviewed-by: Alexander Bokovoy
<a...@samba.org>
Fix bug #9685 - Fix a memory leak in spoolss rpc server.
commit 5eaca8f645398877a96aaff98783bf618e6e8bc6
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 10:52:37 2013 +0100
s3-rpc_server: Make sure that fd is really closed on error. Reviewed-by:
Alexander Bokovoy <a...@samba.org>
The last 10 patches address bug #bug 9683 - Fix several resource (fd) leaks.
commit bd769506ab2caf2ad0740f2d59a15fce881b4c77
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 10:48:05 2013 +0100
lib-util: Don't leak file descriptor on error. Reviewed-by: Alexander
Bokovoy <a...@samba.org>
commit 22928b0cea0fce41efd211d28a14cbdbdb0c0d06
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 10:45:06 2013 +0100
s3-vfs: Don't leak file descriptor on error. Reviewed-by: Alexander Bokovoy
<a...@samba.org>
commit 7e9cfa83506b79e226067a9b7322665f40e9c594
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 10:38:13 2013 +0100
s3-libsmb: Don't leak memory on error. Reviewed-by: Alexander Bokovoy
<a...@samba.org>
commit 53538f66293c5d70ea03567dd229ecfecae9359e
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 09:51:43 2013 +0100
winbind: Don't leak centry memory. Reviewed-by: Alexander Bokovoy
<a...@samba.org>
commit 7d2d82a0841d04568eef36d6f40aecaa08d87fcf
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 09:41:55 2013 +0100
winbind: Don't leak memory on return. Reviewed-by: Alexander Bokovoy
<a...@samba.org>
commit 28050328554bcec999b2f97b501322be7661abd1
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 09:31:17 2013 +0100
s3-smbd: Don't leak subcntarr array. Reviewed-by: Alexander Bokovoy
<a...@samba.org>
commit 6b9a239c472ddbfcf04d6f5248c2ea23d1cb7454
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 09:16:25 2013 +0100
s3-vfs: Don't leak file descriptor. Reviewed-by: Alexander Bokovoy
<a...@samba.org>
commit 3461b095b0038e542ad0112f004c3eabafb8cc73
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 09:15:26 2013 +0100
s3-param: Don't leak file descriptor. Reviewed-by: Alexander Bokovoy
<a...@samba.org>
commit 2b19732d8306959790285e5407e231ed0b9e6a3c
Author: Andreas Schneider <a...@samba.org>
Date: Wed Feb 20 09:11:48 2013 +0100
s3-lsasd: Don't leak file descriptors. Reviewed-by: Alexander Bokovoy
<a...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/util/become_daemon.c | 1 +
librpc/rpc/binding.c | 7 +++++-
source3/lib/tldap.c | 3 ++
source3/libsmb/libsmb_server.c | 1 +
source3/libsmb/libsmb_xattr.c | 4 +-
source3/modules/vfs_aio_fork.c | 3 +-
source3/modules/vfs_crossrename.c | 4 ++-
source3/nmbd/nmbd_browsesync.c | 4 +-
source3/param/loadparm.c | 1 +
source3/passdb/pdb_smbpasswd.c | 7 +++--
source3/rpc_server/lsasd.c | 29 ++++++++++++++++----------
source3/rpc_server/rpc_sock_helper.c | 6 +++++
source3/rpc_server/spoolss/srv_spoolss_nt.c | 4 ++-
source3/smbd/lanman.c | 2 +-
source3/winbindd/winbindd_cache.c | 1 +
source3/winbindd/winbindd_cm.c | 3 ++
source4/auth/pyauth.c | 4 +++
source4/libcli/climessage.c | 9 ++++++++
source4/libcli/raw/clioplock.c | 3 ++
source4/libcli/raw/clitree.c | 3 ++
source4/libcli/raw/rawfsinfo.c | 3 ++
21 files changed, 78 insertions(+), 24 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/util/become_daemon.c b/lib/util/become_daemon.c
index 373927c..2ca0478 100644
--- a/lib/util/become_daemon.c
+++ b/lib/util/become_daemon.c
@@ -62,6 +62,7 @@ _PUBLIC_ void close_low_fds(bool stdin_too, bool stdout_too,
bool stderr_too)
}
if (fd != i) {
DEBUG(0,("Didn't get file descriptor %d\n",i));
+ close(fd);
return;
}
}
diff --git a/librpc/rpc/binding.c b/librpc/rpc/binding.c
index f7fbbbc..2fa325f 100644
--- a/librpc/rpc/binding.c
+++ b/librpc/rpc/binding.c
@@ -424,7 +424,12 @@ _PUBLIC_ NTSTATUS dcerpc_floor_get_lhs_data(const struct
epm_floor *epm_floor,
static DATA_BLOB dcerpc_floor_pack_lhs_data(TALLOC_CTX *mem_ctx, const struct
ndr_syntax_id *syntax)
{
DATA_BLOB blob;
- struct ndr_push *ndr = ndr_push_init_ctx(mem_ctx);
+ struct ndr_push *ndr;
+
+ ndr = ndr_push_init_ctx(mem_ctx);
+ if (ndr == NULL) {
+ return data_blob_null;
+ }
ndr->flags |= LIBNDR_FLAG_NOALIGN;
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index 8b04d00..3782708 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -1370,6 +1370,9 @@ static bool tldap_push_filter_basic(struct tldap_context
*ld,
dn++;
rule = strchr(dn, ':');
+ if (rule == NULL) {
+ return false;
+ }
if ((rule == dn + 1) || rule + 1 == e) {
/* malformed filter, contains "::" */
return false;
diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c
index 99aa74c..3f86d50 100644
--- a/source3/libsmb/libsmb_server.c
+++ b/source3/libsmb/libsmb_server.c
@@ -812,6 +812,7 @@ SMBC_attr_server(TALLOC_CTX *ctx,
if (!NT_STATUS_IS_OK(nt_status)) {
errno = SMBC_errno(context, ipc_srv->cli);
cli_shutdown(ipc_srv->cli);
+ free(ipc_srv);
return NULL;
}
diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c
index 03cdc34..c2ba61f 100644
--- a/source3/libsmb/libsmb_xattr.c
+++ b/source3/libsmb/libsmb_xattr.c
@@ -351,7 +351,7 @@ parse_ace(struct cli_state *ipc_cli,
goto done;
}
- for (v = standard_values; v->perm; v++) {
+ for (v = standard_values; v != NULL; v++) {
if (strcmp(tok, v->perm) == 0) {
amask = v->mask;
goto done;
@@ -363,7 +363,7 @@ parse_ace(struct cli_state *ipc_cli,
while(*p) {
bool found = False;
- for (v = special_values; v->perm; v++) {
+ for (v = special_values; v != NULL; v++) {
if (v->perm[0] == *p) {
amask |= v->mask;
found = True;
diff --git a/source3/modules/vfs_aio_fork.c b/source3/modules/vfs_aio_fork.c
index 3db336f..0e7259b 100644
--- a/source3/modules/vfs_aio_fork.c
+++ b/source3/modules/vfs_aio_fork.c
@@ -68,13 +68,12 @@ static struct mmap_area *mmap_area_init(TALLOC_CTX
*mem_ctx, size_t size)
result->ptr = mmap(NULL, size, PROT_READ|PROT_WRITE,
MAP_SHARED|MAP_FILE, fd, 0);
+ close(fd);
if (result->ptr == MAP_FAILED) {
DEBUG(1, ("mmap failed: %s\n", strerror(errno)));
goto fail;
}
- close(fd);
-
result->size = size;
talloc_set_destructor(result, mmap_area_destructor);
diff --git a/source3/modules/vfs_crossrename.c
b/source3/modules/vfs_crossrename.c
index 19a182c..9bb42b9 100644
--- a/source3/modules/vfs_crossrename.c
+++ b/source3/modules/vfs_crossrename.c
@@ -73,8 +73,10 @@ static int copy_reg(const char *source, const char *dest)
if((ifd = open (source, O_RDONLY, 0)) < 0)
return -1;
- if (unlink (dest) && errno != ENOENT)
+ if (unlink (dest) && errno != ENOENT) {
+ close(ifd);
return -1;
+ }
#ifdef O_NOFOLLOW
if((ofd = open (dest, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0600))
< 0 )
diff --git a/source3/nmbd/nmbd_browsesync.c b/source3/nmbd/nmbd_browsesync.c
index b56baed..03d0ada 100644
--- a/source3/nmbd/nmbd_browsesync.c
+++ b/source3/nmbd/nmbd_browsesync.c
@@ -194,7 +194,7 @@ static void domain_master_node_status_success(struct
subnet_record *subrec,
/* Go through the list of names found at answers->rdata and look for
the first SERVER<0x20> name. */
- if(answers->rdata != NULL) {
+ if (answers->rdlength > 0) {
char *p = answers->rdata;
int numnames = CVAL(p, 0);
@@ -417,7 +417,7 @@ static void
get_domain_master_name_node_status_success(struct subnet_record *sub
* the first WORKGROUP<0x1b> name.
*/
- if(answers->rdata != NULL) {
+ if (answers->rdlength > 0) {
char *p = answers->rdata;
int numnames = CVAL(p, 0);
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 0e1b019..cbcab78 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -4399,6 +4399,7 @@ static int process_usershare_file(const char *dir_name,
const char *file_name, i
/* This must be a regular file, not a symlink, directory or
other strange filetype. */
if (!check_usershare_stat(fname, &sbuf)) {
+ close(fd);
goto out;
}
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index 0703ea4..83785c6 100644
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -737,7 +737,8 @@ static bool mod_smbfilepwd_entry(struct smbpasswd_privates
*smbpasswd_state, con
fstring user_name;
char *status;
- char linebuf[256];
+#define LINEBUF_SIZE 255
+ char linebuf[LINEBUF_SIZE + 1];
char readbuf[1024];
int c;
fstring ascii_p16;
@@ -792,7 +793,7 @@ static bool mod_smbfilepwd_entry(struct smbpasswd_privates
*smbpasswd_state, con
linebuf[0] = '\0';
- status = fgets(linebuf, sizeof(linebuf), fp);
+ status = fgets(linebuf, LINEBUF_SIZE, fp);
if (status == NULL && ferror(fp)) {
pw_file_unlock(lockfd,
&smbpasswd_state->pw_file_lock_depth);
fclose(fp);
@@ -1021,7 +1022,7 @@ This is no longer supported.!\n", pwd->smb_name));
dump_data(100, (uint8 *)ascii_p16, wr_len);
#endif
- if(wr_len > sizeof(linebuf)) {
+ if(wr_len > LINEBUF_SIZE) {
DEBUG(0, ("mod_smbfilepwd_entry: line to write (%d) is too
long.\n", wr_len+1));
pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
fclose(fp);
diff --git a/source3/rpc_server/lsasd.c b/source3/rpc_server/lsasd.c
index fd6c248..fc6823f 100644
--- a/source3/rpc_server/lsasd.c
+++ b/source3/rpc_server/lsasd.c
@@ -597,7 +597,7 @@ static bool lsasd_create_sockets(struct tevent_context
*ev_ctx,
TALLOC_CTX *tmp_ctx;
NTSTATUS status;
uint32_t i;
- int fd;
+ int fd = -1;
int rc;
bool ok = true;
@@ -640,8 +640,6 @@ static bool lsasd_create_sockets(struct tevent_context
*ev_ctx,
ok = false;
goto done;
}
- listen_fd[*listen_fd_size] = fd;
- (*listen_fd_size)++;
rc = listen(fd, pf_lsasd_cfg.max_allowed_clients);
if (rc == -1) {
@@ -650,14 +648,14 @@ static bool lsasd_create_sockets(struct tevent_context
*ev_ctx,
ok = false;
goto done;
}
+ listen_fd[*listen_fd_size] = fd;
+ (*listen_fd_size)++;
fd = create_named_pipe_socket("lsass");
if (fd < 0) {
ok = false;
goto done;
}
- listen_fd[*listen_fd_size] = fd;
- (*listen_fd_size)++;
rc = listen(fd, pf_lsasd_cfg.max_allowed_clients);
if (rc == -1) {
@@ -666,14 +664,14 @@ static bool lsasd_create_sockets(struct tevent_context
*ev_ctx,
ok = false;
goto done;
}
+ listen_fd[*listen_fd_size] = fd;
+ (*listen_fd_size)++;
fd = create_dcerpc_ncalrpc_socket("lsarpc");
if (fd < 0) {
ok = false;
goto done;
}
- listen_fd[*listen_fd_size] = fd;
- (*listen_fd_size)++;
rc = listen(fd, pf_lsasd_cfg.max_allowed_clients);
if (rc == -1) {
@@ -682,6 +680,9 @@ static bool lsasd_create_sockets(struct tevent_context
*ev_ctx,
ok = false;
goto done;
}
+ listen_fd[*listen_fd_size] = fd;
+ (*listen_fd_size)++;
+ fd = -1;
v = dcerpc_binding_vector_dup(tmp_ctx, v_orig);
if (v == NULL) {
@@ -734,8 +735,6 @@ static bool lsasd_create_sockets(struct tevent_context
*ev_ctx,
ok = false;
goto done;
}
- listen_fd[*listen_fd_size] = fd;
- (*listen_fd_size)++;
rc = listen(fd, pf_lsasd_cfg.max_allowed_clients);
if (rc == -1) {
@@ -744,6 +743,9 @@ static bool lsasd_create_sockets(struct tevent_context
*ev_ctx,
ok = false;
goto done;
}
+ listen_fd[*listen_fd_size] = fd;
+ (*listen_fd_size)++;
+ fd = -1;
v = dcerpc_binding_vector_dup(tmp_ctx, v_orig);
if (v == NULL) {
@@ -796,16 +798,18 @@ static bool lsasd_create_sockets(struct tevent_context
*ev_ctx,
ok = false;
goto done;
}
- listen_fd[*listen_fd_size] = fd;
- (*listen_fd_size)++;
rc = listen(fd, pf_lsasd_cfg.max_allowed_clients);
if (rc == -1) {
DEBUG(0, ("Failed to listen on netlogon ncalrpc - %s\n",
strerror(errno)));
+ close(fd);
ok = false;
goto done;
}
+ listen_fd[*listen_fd_size] = fd;
+ (*listen_fd_size)++;
+ fd = -1;
v = dcerpc_binding_vector_dup(tmp_ctx, v_orig);
if (v == NULL) {
@@ -837,6 +841,9 @@ static bool lsasd_create_sockets(struct tevent_context
*ev_ctx,
}
done:
+ if (fd != -1) {
+ close(fd);
+ }
talloc_free(tmp_ctx);
return ok;
}
diff --git a/source3/rpc_server/rpc_sock_helper.c
b/source3/rpc_server/rpc_sock_helper.c
index 198df90..dc88f25 100644
--- a/source3/rpc_server/rpc_sock_helper.c
+++ b/source3/rpc_server/rpc_sock_helper.c
@@ -63,6 +63,9 @@ NTSTATUS rpc_create_tcpip_sockets(const struct
ndr_interface_table *iface,
fd = create_tcpip_socket(ifss, &p);
if (fd < 0 || p == 0) {
status = NT_STATUS_UNSUCCESSFUL;
+ if (fd != -1) {
+ close(fd);
+ }
goto done;
}
listen_fd[*listen_fd_size] = fd;
@@ -124,6 +127,9 @@ NTSTATUS rpc_create_tcpip_sockets(const struct
ndr_interface_table *iface,
fd = create_tcpip_socket(&ss, &p);
if (fd < 0 || p == 0) {
status = NT_STATUS_UNSUCCESSFUL;
+ if (fd != -1) {
+ close(fd);
+ }
goto done;
}
listen_fd[*listen_fd_size] = fd;
diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c
b/source3/rpc_server/spoolss/srv_spoolss_nt.c
index 1b3a16f..ae3e991 100644
--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c
+++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c
@@ -4857,8 +4857,10 @@ static WERROR string_array_from_driver_info(TALLOC_CTX
*mem_ctx,
&array, &num_strings);
}
- if (presult) {
+ if (presult != NULL) {
*presult = array;
+ } else {
+ talloc_free(array);
}
return WERR_OK;
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index d54e1d5..b5598a4 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -1159,8 +1159,8 @@ static bool api_DosPrintQEnum(struct
smbd_server_connection *sconn,
}
}
- SAFE_FREE(subcntarr);
out:
+ SAFE_FREE(subcntarr);
*rdata_len = desc.usedlen;
*rparam_len = 8;
*rparam = smb_realloc_limit(*rparam,*rparam_len);
diff --git a/source3/winbindd/winbindd_cache.c
b/source3/winbindd/winbindd_cache.c
index 517a302..6ae46db 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -2140,6 +2140,7 @@ static NTSTATUS rids_to_names(struct winbindd_domain
*domain,
} else {
/* something's definitely wrong */
result = centry->status;
+ centry_free(centry);
goto error;
}
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 33eeb32..38c2f7d 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -1013,6 +1013,9 @@ static NTSTATUS cm_prepare_connection(const struct
winbindd_domain *domain,
if ( !(*cli)->domain[0] ) {
result = cli_set_domain((*cli), domain->name);
if (!NT_STATUS_IS_OK(result)) {
+ SAFE_FREE(ipc_username);
+ SAFE_FREE(ipc_domain);
+ SAFE_FREE(ipc_password);
return result;
}
}
diff --git a/source4/auth/pyauth.c b/source4/auth/pyauth.c
index f07fa78..437e671 100644
--- a/source4/auth/pyauth.c
+++ b/source4/auth/pyauth.c
@@ -245,6 +245,10 @@ static PyObject *py_auth_context_new(PyTypeObject *type,
PyObject *args, PyObjec
}
lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+ if (lp_ctx == NULL) {
+ PyErr_NoMemory();
+ return NULL;
+ }
ev = s4_event_context_init(mem_ctx);
if (ev == NULL) {
diff --git a/source4/libcli/climessage.c b/source4/libcli/climessage.c
index 5ed0e8e..3e9808c 100644
--- a/source4/libcli/climessage.c
+++ b/source4/libcli/climessage.c
@@ -33,6 +33,9 @@ bool smbcli_message_start(struct smbcli_tree *tree, const
char *host, const char
struct smbcli_request *req;
req = smbcli_request_setup(tree, SMBsendstrt, 0, 0);
+ if (req == NULL) {
+ return false;
+ }
smbcli_req_append_string(req, username, STR_TERMINATE);
smbcli_req_append_string(req, host, STR_TERMINATE);
if (!smbcli_request_send(req) ||
@@ -57,6 +60,9 @@ bool smbcli_message_text(struct smbcli_tree *tree, char *msg,
int len, int grp)
struct smbcli_request *req;
req = smbcli_request_setup(tree, SMBsendtxt, 1, 0);
+ if (req == NULL) {
+ return false;
+ }
SSVAL(req->out.vwv, VWV(0), grp);
smbcli_req_append_bytes(req, (const uint8_t *)msg, len);
@@ -80,6 +86,9 @@ bool smbcli_message_end(struct smbcli_tree *tree, int grp)
struct smbcli_request *req;
req = smbcli_request_setup(tree, SMBsendend, 1, 0);
+ if (req == NULL) {
+ return false;
+ }
SSVAL(req->out.vwv, VWV(0), grp);
if (!smbcli_request_send(req) ||
diff --git a/source4/libcli/raw/clioplock.c b/source4/libcli/raw/clioplock.c
index 396ab96..6c04843 100644
--- a/source4/libcli/raw/clioplock.c
+++ b/source4/libcli/raw/clioplock.c
@@ -30,6 +30,9 @@ _PUBLIC_ bool smbcli_oplock_ack(struct smbcli_tree *tree,
uint16_t fnum, uint16_
struct smbcli_request *req;
req = smbcli_request_setup(tree, SMBlockingX, 8, 0);
+ if (req == NULL) {
+ return false;
+ }
SSVAL(req->out.vwv,VWV(0),0xFF);
SSVAL(req->out.vwv,VWV(1),0);
diff --git a/source4/libcli/raw/clitree.c b/source4/libcli/raw/clitree.c
index 1c3321e..11be548 100644
--- a/source4/libcli/raw/clitree.c
+++ b/source4/libcli/raw/clitree.c
@@ -168,6 +168,9 @@ _PUBLIC_ NTSTATUS smb_tree_disconnect(struct smbcli_tree
*tree)
if (!tree) return NT_STATUS_OK;
req = smbcli_request_setup(tree, SMBtdis, 0, 0);
+ if (req == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
if (smbcli_request_send(req)) {
(void) smbcli_request_receive(req);
diff --git a/source4/libcli/raw/rawfsinfo.c b/source4/libcli/raw/rawfsinfo.c
index 08f68dd..9c03e14 100644
--- a/source4/libcli/raw/rawfsinfo.c
+++ b/source4/libcli/raw/rawfsinfo.c
@@ -33,6 +33,9 @@ static struct smbcli_request *smb_raw_dskattr_send(struct
smbcli_tree *tree,
struct smbcli_request *req;
req = smbcli_request_setup(tree, SMBdskattr, 0, 0);
+ if (req == NULL) {
+ return NULL;
+ }
if (!smbcli_request_send(req)) {
smbcli_request_destroy(req);
--
Samba Shared Repository
