[PATCH master] Fix leak in source3/passdb/machine_account_secrets.c

Wed Sep 5 12:01:36 MDT 2012

On Wed, Sep 05, 2012 at 07:44:05PM +0200, Michele Baldessari wrote:
> commit 63ac8088d13f2e8a550757b978a79d881c2a4760
> Author: Michele Baldessari <michele at acksyn.org>
> Date:   Wed Sep 5 15:31:51 2012 +0200
> 
>     Free protect_ids in secret_store_domain_sid() as the caller of fetch_secrets() must free the result in order to not leak memory.
> 
> diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c
> index 300455a..70d7106 100644
> --- a/source3/passdb/machine_account_secrets.c
> +++ b/source3/passdb/machine_account_secrets.c
> @@ -101,9 +101,11 @@ bool secrets_store_domain_sid(const char *domain, const struct dom_sid  *sid)
>  		if (strncmp(protect_ids, "TRUE", 4)) {
>  			DEBUG(0, ("Refusing to store a Domain SID, "
>  				  "it has been marked as protected!\n"));
> +			SAFE_FREE(protect_ids);
>  			return false;
>  		}
>  	}
> +	SAFE_FREE(protect_ids);
>  #endif
>  
>  	ret = secrets_store(domain_sid_keystr(domain), sid, sizeof(struct dom_sid ));

Perfectly correct - pushed !

Thanks,

Jeremy.