double free in close_internal_rpc_pipe_hnd
Gerald (Jerry) Carter
jerry at samba.org
Mon Feb 20 18:04:54 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gerald (Jerry) Carter wrote:
>>> Index: SAMBA_3_0/source/rpc_server/srv_pipe.c
>>> ===================================================================
>>> --- SAMBA_3_0/source/rpc_server/srv_pipe.c (revision 13563)
>>> +++ SAMBA_3_0/source/rpc_server/srv_pipe.c (working copy)
>>> @@ -617,6 +617,7 @@
>>>
>>> /* Set up for non-authenticated user. */
>>> talloc_free(p->pipe_user.nt_user_token);
>>> + p->pipe_user.nt_user_token = NULL;
>>> p->pipe_user.ut.ngroups = 0;
>>> SAFE_FREE( p->pipe_user.ut.groups);
>
> Looks right to me. This is exactly why I use the
> TALLOC_FREE() macro which resets the point to NULL after
> calling talloc_free().
James,
I just checked in a rename of all calls to talloc_free()
to TALLOC_FREE() which should fix this issue as well.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFD+gTGIR7qMdg1EfYRAkXCAKDUFOVE/0FOBJzFQyI0lkpdpGDKRQCdFZ1j
50R6kVpLiRZr0EHPZVUNo8w=
=LXzm
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list