[PATCH 1/3] s3-auth: Pass mem_ctx to make_server_info_sam().
Andreas Schneider
asn at samba.org
Tue Feb 18 06:50:57 MST 2014
Coverity-Id: 1168009
BUG: https://bugzilla.samba.org/show_bug.cgi?id=8598
Signed-off-by: Andreas Schneider <asn at samba.org>
---
source3/auth/check_samsec.c | 2 +-
source3/auth/proto.h | 5 ++--
source3/auth/server_info_sam.c | 56 +++++++++++++++++++++++++++---------------
source3/auth/user_krb5.c | 12 +++++----
4 files changed, 47 insertions(+), 28 deletions(-)
diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c
index 7ed8cc2..b6cac60 100644
--- a/source3/auth/check_samsec.c
+++ b/source3/auth/check_samsec.c
@@ -482,7 +482,7 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge,
}
become_root();
- nt_status = make_server_info_sam(server_info, sampass);
+ nt_status = make_server_info_sam(mem_ctx, sampass, server_info);
unbecome_root();
TALLOC_FREE(sampass);
diff --git a/source3/auth/proto.h b/source3/auth/proto.h
index 7abca07..eac3e54 100644
--- a/source3/auth/proto.h
+++ b/source3/auth/proto.h
@@ -190,8 +190,9 @@ bool make_user_info_guest(const struct tsocket_address *remote_address,
struct auth_usersupplied_info **user_info);
struct samu;
-NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
- struct samu *sampass);
+NTSTATUS make_server_info_sam(TALLOC_CTX *mem_ctx,
+ struct samu *sampass,
+ struct auth_serversupplied_info **pserver_info);
NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
const struct auth_serversupplied_info *server_info,
DATA_BLOB *session_key,
diff --git a/source3/auth/server_info_sam.c b/source3/auth/server_info_sam.c
index 5d657f9..47087b1 100644
--- a/source3/auth/server_info_sam.c
+++ b/source3/auth/server_info_sam.c
@@ -58,39 +58,51 @@ static bool is_our_machine_account(const char *username)
Make (and fill) a user_info struct from a struct samu
***************************************************************************/
-NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
- struct samu *sampass)
+NTSTATUS make_server_info_sam(TALLOC_CTX *mem_ctx,
+ struct samu *sampass,
+ struct auth_serversupplied_info **pserver_info)
{
struct passwd *pwd;
- struct auth_serversupplied_info *result;
+ struct auth_serversupplied_info *server_info;
const char *username = pdb_get_username(sampass);
+ TALLOC_CTX *tmp_ctx;
NTSTATUS status;
- if ( !(result = make_server_info(NULL)) ) {
+ tmp_ctx = talloc_stackframe();
+ if (tmp_ctx == NULL) {
return NT_STATUS_NO_MEMORY;
}
- if ( !(pwd = Get_Pwnam_alloc(result, username)) ) {
+ server_info = make_server_info(tmp_ctx);
+ if (server_info == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ pwd = Get_Pwnam_alloc(tmp_ctx, username);
+ if (pwd == NULL) {
DEBUG(1, ("User %s in passdb, but getpwnam() fails!\n",
pdb_get_username(sampass)));
- TALLOC_FREE(result);
- return NT_STATUS_NO_SUCH_USER;
+ status = NT_STATUS_NO_SUCH_USER;
+ goto out;
}
- status = samu_to_SamInfo3(result, sampass, lp_netbios_name(),
- &result->info3, &result->extra);
+ status = samu_to_SamInfo3(server_info,
+ sampass,
+ lp_netbios_name(),
+ &server_info->info3,
+ &server_info->extra);
if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(result);
- return status;
+ goto out;
}
- result->unix_name = pwd->pw_name;
- /* Ensure that we keep pwd->pw_name, because we will free pwd below */
- talloc_steal(result, pwd->pw_name);
- result->utok.gid = pwd->pw_gid;
- result->utok.uid = pwd->pw_uid;
+ server_info->unix_name = talloc_strdup(server_info, pwd->pw_name);
+ if (server_info->unix_name == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto out;
+ }
- TALLOC_FREE(pwd);
+ server_info->utok.gid = pwd->pw_gid;
+ server_info->utok.uid = pwd->pw_uid;
if (IS_DC && is_our_machine_account(username)) {
/*
@@ -110,9 +122,13 @@ NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
}
DEBUG(5,("make_server_info_sam: made server info for user %s -> %s\n",
- pdb_get_username(sampass), result->unix_name));
+ pdb_get_username(sampass), server_info->unix_name));
+
+ *pserver_info = talloc_steal(mem_ctx, server_info);
- *server_info = result;
+ status = NT_STATUS_OK;
+out:
+ talloc_free(tmp_ctx);
- return NT_STATUS_OK;
+ return status;
}
diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c
index 2650e27..6b8fad2 100644
--- a/source3/auth/user_krb5.c
+++ b/source3/auth/user_krb5.c
@@ -223,9 +223,6 @@ NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx,
* SID consistency with ntlmssp session setup
*/
struct samu *sampass;
- /* The stupid make_server_info_XX functions here
- don't take a talloc context. */
- struct auth_serversupplied_info *tmp = NULL;
sampass = samu_new(talloc_tos());
if (sampass == NULL) {
@@ -235,14 +232,19 @@ NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx,
if (pdb_getsampwnam(sampass, username)) {
DEBUG(10, ("found user %s in passdb, calling "
"make_server_info_sam\n", username));
- status = make_server_info_sam(&tmp, sampass);
+ status = make_server_info_sam(mem_ctx,
+ sampass,
+ &server_info);
} else {
/*
* User not in passdb, make it up artificially
*/
DEBUG(10, ("didn't find user %s in passdb, calling "
"make_server_info_pw\n", username));
- status = make_server_info_pw(mem_ctx, username, pw, &tmp);
+ status = make_server_info_pw(mem_ctx,
+ username,
+ pw,
+ &server_info);
}
TALLOC_FREE(sampass);
--
1.8.5.2
More information about the samba-technical
mailing list