[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Mon Oct 21 19:29:02 MDT 2013 

The branch, master has been updated
       via  4e06c61 ldb: Fix CID 240798 Uninitialized pointer read
       via  71c8cd1 winbind3: Fix CID 241468 Resource leak
       via  e8a77df ntvfs: Fix CID 1107225 Resource leak
       via  ee78af3 ntvfs: Fix Coverity ID 1107224 Resource leak
      from  d286b17d idmap_autorid: fix traversal of ranges to correctly exclude mapping records.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 4e06c61b41fdde21fafaeee3c4fb3366744de9d9
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Oct 20 17:29:29 2013 +0200

    ldb: Fix CID 240798 Uninitialized pointer read
    
    Not called right now, because nobody tries multiple sort attributes. But if
    someone did, build_response would have looked at the uninitialized controls.
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Tue Oct 22 03:28:20 CEST 2013 on sn-devel-104

commit 71c8cd19cf079c7e1462a9ca4432725e3623f7cd
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Oct 20 17:25:27 2013 +0200

    winbind3: Fix CID 241468 Resource leak
    
    We were leaking centry in this error case
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit e8a77df79e73599bb18f30c139edeece45846239
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Oct 20 17:16:11 2013 +0200

    ntvfs: Fix CID 1107225 Resource leak
    
    After the talloc_strdup, we don't need cwd anymore.
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit ee78af33fe5c9d84de35bbb0687b6d185abc8cf6
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Oct 20 17:11:16 2013 +0200

    ntvfs: Fix Coverity ID 1107224 Resource leak
    
    In this error path we were leaking "fd".
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/ldb/modules/sort.c            |    2 +-
 source3/winbindd/winbindd_cache.c |    1 +
 source4/ntvfs/posix/pvfs_open.c   |    4 +++-
 source4/ntvfs/posix/pvfs_sys.c    |    4 +++-
 4 files changed, 8 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/ldb/modules/sort.c b/lib/ldb/modules/sort.c
index c6fce2d..1b762f7 100644
--- a/lib/ldb/modules/sort.c
+++ b/lib/ldb/modules/sort.c
@@ -252,7 +252,6 @@ static int server_sort_search(struct ldb_module *module, struct ldb_request *req
 	struct ldb_control *control;
 	struct ldb_server_sort_control **sort_ctrls;
 	struct ldb_control **saved_controls;
-	struct ldb_control **controls;
 	struct ldb_request *down_req;
 	struct sort_context *ac;
 	struct ldb_context *ldb;
@@ -286,6 +285,7 @@ static int server_sort_search(struct ldb_module *module, struct ldb_request *req
 		
 	if (sort_ctrls[1] != NULL) {
 		if (control->critical) {
+			struct ldb_control **controls = NULL;
 
 			/* callback immediately */
 			ret = build_response(req, &controls,
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index 7252927..91c19fa 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -2090,6 +2090,7 @@ static NTSTATUS rids_to_names(struct winbindd_domain *domain,
 		} else {
 			/* something's definitely wrong */
 			result = centry->status;
+			centry_free(centry);
 			goto error;
 		}
 
diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c
index a095f74..ceee642 100644
--- a/source4/ntvfs/posix/pvfs_open.c
+++ b/source4/ntvfs/posix/pvfs_open.c
@@ -717,7 +717,9 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
 	if (io->generic.in.query_maximal_access) {
 		status = pvfs_access_maximal_allowed(pvfs, req, name, 
 						     &io->generic.out.maximal_access);
-		NT_STATUS_NOT_OK_RETURN(status);
+		if (!NT_STATUS_IS_OK(status)) {
+			goto cleanup_delete;
+		}
 	}
 
 	/* form the lock context used for byte range locking and
diff --git a/source4/ntvfs/posix/pvfs_sys.c b/source4/ntvfs/posix/pvfs_sys.c
index 5775d0b..eb710f6 100644
--- a/source4/ntvfs/posix/pvfs_sys.c
+++ b/source4/ntvfs/posix/pvfs_sys.c
@@ -196,9 +196,11 @@ static struct pvfs_sys_ctx *pvfs_sys_pushdir(struct pvfs_state *pvfs,
 		talloc_free(ctx);
 		return NULL;
 	}
+
 	ctx->old_wd = talloc_strdup(ctx, cwd);
+	free(cwd);
+
 	if (ctx->old_wd == NULL) {
-		free(cwd);
 		talloc_free(ctx);
 		return NULL;
 	}


-- 
Samba Shared Repository

More information about the samba-cvs mailing list