[PATCH] Fixes for winbindd
Andrew Bartlett
abartlet at samba.org
Thu Jul 31 02:28:32 MDT 2014
On Sat, 2014-07-26 at 09:44 +1200, Andrew Bartlett wrote:
> On Fri, 2014-07-25 at 22:59 +0200, Volker Lendecke wrote:
> > On Sat, Jul 26, 2014 at 08:26:18AM +1200, Andrew Bartlett wrote:
> > > netlogon_creds_cli_DsrUpdateReadOnlyServerDnsRecords_send() creates
> > > state on mem_ctx, which is frame in
> > > netlogon_creds_cli_DsrUpdateReadOnlyServerDnsRecords()
> > >
> > > struct netlogon_creds_cli_DsrUpdateReadOnlyServerDnsRecords_state *state;
> > > struct tevent_req *subreq;
> > >
> > > req = tevent_req_create(mem_ctx, &state,
> > > struct netlogon_creds_cli_DsrUpdateReadOnlyServerDnsRecords_state);
> > > if (req == NULL) {
> > > return NULL;
> > > }
> > >
> > > The state->dns_names is an in/out parameter as dns_names to
> > > netlogon_creds_cli_DsrUpdateReadOnlyServerDnsRecords() and has a longer
> > > life time.
> > >
> > > The issue isn't the async, it is that the memory needs to be around
> > > longer than the state variable.
> > >
> > > The typical approach of a talloc_steal won't work, due to the way the
> > > ref variable is overwritten. The struct NL_DNS_NAME_INFO_ARRAY
> > > dns_names is the original input array, but the elements are overwritten
> > > in dcerpc_netr_DsrUpdateReadOnlyServerDnsRecords_done()
> >
> > Ok, understood. To be honest, I'd call this a bug in the way
> > pidl generates code. I'm not sure there's a better way to do
> > it, but this is really, really obscure. I'd like to hear
> > what metze has to say about this before it goes in.
> >
> > The pure fact that this crash initially went in shows that
> > something is wrong.
>
> I do feel the same. It seems to me that in/out variables used this way
> should be the talloc children of what we pass in, and/or that the
> structure (rather than argument based) calling convention could have
> made this clearer.
Can we please push these patches? I still want metze's view, but I
think the patches are as correct as things can be right now, and so
should go in while we restructure the pidl generator.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list