Fix: memory used after talloc_free() is called

Kamen Mazdrashki kamen.mazdrashki at postpath.com
Sat Dec 5 16:59:24 MST 2009


Hi,
 
Here is another one – that was more tricky to catch :-)
 
The bug is that ‘new_name’ is occasionally a child of ‘streams’.
This happens when stream_name_normalise() gets called – ‘streams’
is used as a parent context. So if ‘new_name’ needs to be allocated,
this is done as a child of ‘streams’.
 
CU,
Kamen Mazdrashki
kamen.mazdrashki at postpath.com
http://repo.or.cz/w/Samba/kamenim.git
-------------------------------------
CISCO SYSTEMS BULGARIA EOOD
http://www.cisco.com/global/BG/
 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s4-smbstreams-Fix-memory-use-after-free.patch
Type: application/octet-stream
Size: 1264 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20091206/40761d1f/attachment.obj>
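
The ownership problem described in the message, as an added example that is not part of the original mail or the attached patch: a toy parent/child allocator (not talloc) in which normalise() stands in for stream_name_normalise(). The normalisation rule, the rename_stream() caller and the re-parenting remedy are assumptions; the fix in the attached patch is not visible on this page.

```c
/* Toy model of talloc-style parent/child ownership; this is not talloc. */
#include <stdio.h>
#include <string.h>

static struct node { int parent, live; char data[32]; } pool[16];
static int used;

/* Allocate a chunk as a child of `parent` (-1 = top level). */
static int ctx_new(int parent, const char *s) {
    int id = used++;
    pool[id].parent = parent;
    pool[id].live = 1;
    snprintf(pool[id].data, sizeof pool[id].data, "%s", s);
    return id;
}

/* Like talloc_free(): freeing a context also frees every descendant. */
static void ctx_free(int id) {
    pool[id].live = 0;
    for (int i = 0; i < used; i++)
        if (pool[i].live && pool[i].parent == id) ctx_free(i);
}

/* Like talloc_steal(): re-parent a chunk under another context. */
static void ctx_steal(int new_parent, int id) { pool[id].parent = new_parent; }

/* Stand-in for stream_name_normalise(): allocates only when the name needs
 * changing (constructed rule), and then as a child of `mem_ctx`. */
static int normalise(int mem_ctx, int name) {
    char buf[32];
    if (strchr(pool[name].data, ':')) return name; /* nothing to allocate */
    snprintf(buf, sizeof buf, "%.24s:$DATA", pool[name].data);
    return ctx_new(mem_ctx, buf);
}

/* Returns 1 if new_name is still live at its point of use, 0 if freed. */
static int rename_stream(const char *input, int steal_first) {
    used = 0;
    int req = ctx_new(-1, "request");
    int name = ctx_new(req, input);
    int streams = ctx_new(req, "streams");
    int new_name = normalise(streams, name);
    if (steal_first) ctx_steal(req, new_name); /* assumed remedy */
    ctx_free(streams);
    return pool[new_name].live;
}

int main(void) {
    printf("%d %d %d\n", rename_stream("foo", 0),
           rename_stream("foo:$DATA", 0), rename_stream("foo", 1));
}
```

Only the input that forces an allocation ends up freed together with 'streams', which is why the bug shows up occasionally rather than on every call.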

