patch: possible unclean memory free in smbd/open.c
Aleksey Fedoseev
aleksey at fedoseev.net
Sun Feb 26 13:30:09 GMT 2006
Good day!
I've found one strange line while analized open.c file in SAMBA3 branch:
On line 1113 the pointer to locking structure is freed by
talloc_destroy, but the pointer variable is not zeroed.
Later, on line 1468 we can see ASSERT of the pointer equals NULL and
programm execution with the freed pointer can reach the line.
I guess, talloc_destroy should be replaced with TALLOC_FREE. Patch attached.
--
Aleksey Fedoseev
jabber: dralex at jabber.ru
pgp keyserver: pgp.mit.edu, key id: 69676F0E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: open.c.diff
Type: text/x-patch
Size: 325 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20060226/aeb136ac/open.c.bin
More information about the samba-technical
mailing list