[SCM] Samba Shared Repository - branch master updated

[Matthias Dieter Wallnöfer]

The branch, master has been updated
       via  37c4ced s4:acl LDB module - "acl_rename" - memory contexts fixup
      from  e30299e s4:acl LDB module - add a missing "talloc_free(tmp_ctx)" in an error path

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 37c4ced9bdf6ccca2b00e1189fbdf90cb9836dc7
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Thu Dec 23 21:56:52 2010 +0100

    s4:acl LDB module - "acl_rename" - memory contexts fixup
    
    Autobuild-User: Matthias Dieter Wallnöfer <mdw at samba.org>
    Autobuild-Date: Thu Dec 23 22:49:41 CET 2010 on sn-devel-104

-----------------------------------------------------------------------

Summary of changes:
 source4/dsdb/samdb/ldb_modules/acl.c |   24 +++++++++++++++++++-----
 1 files changed, 19 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c
index 33dcc6b..00dc565 100644
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -1148,26 +1148,28 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req)
 
 	/* Look for the parent */
 
-	ret = dsdb_module_search_dn(module, req, &acl_res, req->op.rename.olddn,
-				    acl_attrs,
+	ret = dsdb_module_search_dn(module, tmp_ctx, &acl_res,
+				    req->op.rename.olddn, acl_attrs,
 				    DSDB_FLAG_NEXT_MODULE |
 				    DSDB_SEARCH_SHOW_RECYCLED);
 	/* we sould be able to find the parent */
 	if (ret != LDB_SUCCESS) {
 		DEBUG(10,("acl: failed to find object %s\n",
 			  ldb_dn_get_linearized(req->op.rename.olddn)));
+		talloc_free(tmp_ctx);
 		return ret;
 	}
 
 	schema = dsdb_get_schema(ldb, acl_res);
 	if (!schema) {
-		talloc_free(acl_res);
+		talloc_free(tmp_ctx);
 		return ldb_operr(ldb);
 	}
 
 	guid = get_oc_guid_from_message(module, schema, acl_res->msgs[0]);
 	if (!insert_in_object_tree(tmp_ctx, guid, SEC_ADS_WRITE_PROP,
 				   &root, &new_node)) {
+		talloc_free(tmp_ctx);
 		return ldb_operr(ldb);
 	};
 
@@ -1175,27 +1177,32 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req)
 							  "name");
 	if (!insert_in_object_tree(tmp_ctx, guid, SEC_ADS_WRITE_PROP,
 				   &new_node, &new_node)) {
+		talloc_free(tmp_ctx);
 		return ldb_operr(ldb);
 	};
 
 	rdn_name = ldb_dn_get_rdn_name(req->op.rename.olddn);
 	if (rdn_name == NULL) {
+		talloc_free(tmp_ctx);
 		return ldb_operr(ldb);
 	}
 	guid = attribute_schemaid_guid_by_lDAPDisplayName(schema,
 							  rdn_name);
 	if (!insert_in_object_tree(tmp_ctx, guid, SEC_ADS_WRITE_PROP,
 				   &new_node, &new_node)) {
+		talloc_free(tmp_ctx);
 		return ldb_operr(ldb);
 	};
 
 	ret = dsdb_get_sd_from_ldb_message(ldb, req, acl_res->msgs[0], &sd);
 
 	if (ret != LDB_SUCCESS) {
+		talloc_free(tmp_ctx);
 		return ldb_operr(ldb);
 	}
 	/* Theoretically we pass the check if the object has no sd */
 	if (!sd) {
+		talloc_free(tmp_ctx);
 		return LDB_SUCCESS;
 	}
 	sid = samdb_result_dom_sid(req, acl_res->msgs[0], "objectSid");
@@ -1213,28 +1220,30 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req)
 			  req->op.rename.olddn,
 			  true,
 			  10);
+		talloc_free(tmp_ctx);
 		return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
 	}
 
 	if (ldb_dn_compare(oldparent, newparent) == 0) {
 		/* regular rename, not move, nothing more to do */
+		talloc_free(tmp_ctx);
 		return ldb_next_request(module, req);
 	}
 
 	/* new parent should have create child */
-	talloc_free(tmp_ctx);
-	tmp_ctx = talloc_new(req);
 	root = NULL;
 	new_node = NULL;
 	guid = get_oc_guid_from_message(module, schema, acl_res->msgs[0]);
 	if (!guid) {
 		DEBUG(10,("acl:renamed object has no object class\n"));
+		talloc_free(tmp_ctx);
 		return ldb_module_done(req, NULL, NULL,  LDB_ERR_OPERATIONS_ERROR);
 	}
 
 	ret = dsdb_module_check_access_on_dn(module, req, newparent, SEC_ADS_CREATE_CHILD, guid);
 	if (ret != LDB_SUCCESS) {
 		DEBUG(10,("acl:access_denied renaming %s", ldb_dn_get_linearized(req->op.rename.olddn)));
+		talloc_free(tmp_ctx);
 		return ret;
 	}
 	/* do we have delete object on the object? */
@@ -1246,14 +1255,19 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req)
 				     sid);
 
 	if (NT_STATUS_IS_OK(status)) {
+		talloc_free(tmp_ctx);
 		return ldb_next_request(module, req);
 	}
 	/* what about delete child on the current parent */
 	ret = dsdb_module_check_access_on_dn(module, req, oldparent, SEC_ADS_DELETE_CHILD, NULL);
 	if (ret != LDB_SUCCESS) {
 		DEBUG(10,("acl:access_denied renaming %s", ldb_dn_get_linearized(req->op.rename.olddn)));
+		talloc_free(tmp_ctx);
 		return ldb_module_done(req, NULL, NULL, ret);
 	}
+
+	talloc_free(tmp_ctx);
+
 	return ldb_next_request(module, req);
 }
 


-- 
Samba Shared Repository