[PATCH] Stop use after free
Alistair Leslie-Hughes
leslie_alistair at hotmail.com
Wed Sep 25 00:16:47 MDT 2013
Hi,
The reply_arg variable can be use after it has been free. This is just a
copy from the source4 version.
Should fix
https://bugzilla.samba.org/show_bug.cgi?id=10087
Best Regards
Alistair Leslie-Hughes
-------------- next part --------------
>From 46be59f4b2eb5f17335183a7550a14b84a66f7e6 Mon Sep 17 00:00:00 2001
From: Alistair Leslie-Hughes <leslie_alistair at hotmail.com>
Date: Wed, 25 Sep 2013 16:07:27 +1000
Subject: [PATCH] Stop use after free
---
source3/utils/ntlm_auth.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 8d55629..6953a85 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -1678,7 +1678,9 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
} else {
reply_code = "AF";
- reply_arg = session_info->unix_info->unix_name;
+ reply_arg = talloc_asprintf(state->gensec_state,
+ "%s%s%s", session_info->info->domain_name,
+ lpcfg_winbind_separator(lp_ctx), session_info->info->account_name);
talloc_free(session_info);
}
} else if (state->gensec_state->gensec_role == GENSEC_CLIENT) {
--
1.8.1.2
More information about the samba-technical
mailing list