Memory leaks
Atsushi Nakabayashi
nakabayashi at miraclelinux.com
Tue Jul 31 01:20:58 GMT 2007
Hi, samba-tech,
I have found a memory leak in the error path of the samba-3.0.24.
---- register_vuid function [ source/smbd/password.c ]
163 /* Limit allowed vuids to 16bits - VUID_OFFSET. */
164 if (num_validated_vuids >= 0xFFFF-VUID_OFFSET) {
165 data_blob_free(&session_key);
166 return UID_FIELD_INVALID;
167 }
168
169 if((vuser = SMB_MALLOC_P(user_struct)) == NULL) {
170 DEBUG(0,("Failed to malloc users struct!\n"));
171 data_blob_free(&session_key);
172 return UID_FIELD_INVALID;
173 }
The server_info is not released,
because its function's parent(calling this register_vuid function)
doesn't release the server_info as below.
----- reply_sesssetup_and_X[source/smbd/sesssetup.c]
1140 /* register_vuid keeps the server info */
1141 sess_vuid = register_vuid(server_info, session_key,
1142 nt_resp.data ? nt_resp
: lm_resp,
1143 sub_user);
1144 if (sess_vuid == UID_FIELD_INVALID) {
1145 data_blob_free(&nt_resp);
1146 data_blob_free(&lm_resp);
1147 return
ERROR_NT(nt_status_squash(NT_STATUS_LOGON_FAILURE));
1148 }
-------------- next part --------------
A non-text attachment was scrubbed...
Name: samba-3.0.24-memleaks.patch
Type: text/x-patch
Size: 706 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20070731/46bbd47c/samba-3.0.24-memleaks.bin
More information about the samba-technical
mailing list