From f2da9c8c1a2f7a4b805f43fd643f877c9274799a Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 23 Oct 2009 17:23:56 +0200 Subject: [PATCH] libcli/auth: fix memory leak in schannel_creds_server_step_check_ldb() metze --- libcli/auth/schannel_state_ldb.c | 61 ++++++++++++++++++++++++---------------- 1 file changed, 37 insertions(+), 24 deletions(-) diff --git a/libcli/auth/schannel_state_ldb.c b/libcli/auth/schannel_state_ldb.c index 161c5378eae..ba3d96fcf7e 100644 --- a/libcli/auth/schannel_state_ldb.c +++ b/libcli/auth/schannel_state_ldb.c @@ -270,10 +270,21 @@ NTSTATUS schannel_creds_server_step_check_ldb(struct ldb_context *ldb, struct netr_Authenticator *return_authenticator, struct netlogon_creds_CredentialState **creds_out) { - struct netlogon_creds_CredentialState *creds; + struct netlogon_creds_CredentialState *creds = NULL; NTSTATUS nt_status; int ret; + /* If we are flaged that schannel is required for a call, and + * it is not in use, then make this an error */ + + /* It would be good to make this mandetory once schannel is + * negoiated, but this is not what windows does */ + if (schannel_required_for_call && !schannel_in_use) { + DEBUG(0,("schannel_creds_server_step_check: client %s not using schannel for netlogon, despite negotiating it\n", + creds->computer_name )); + return NT_STATUS_ACCESS_DENIED; + } + ret = ldb_transaction_start(ldb); if (ret != 0) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -285,37 +296,39 @@ NTSTATUS schannel_creds_server_step_check_ldb(struct ldb_context *ldb, nt_status = schannel_fetch_session_key_ldb(ldb, ldb, computer_name, &creds); + if (!NT_STATUS_IS_OK(nt_status)) { + ldb_transaction_cancel(ldb); + return nt_status; + } - /* If we are flaged that schannel is required for a call, and - * it is not in use, then make this an error */ - - /* It would be good to make this mandetory once schannel is - * negoiated, bu this is not what windows does */ - if (schannel_required_for_call && !schannel_in_use) { - DEBUG(0,("schannel_creds_server_step_check: client %s not using schannel for netlogon, despite negotiating it\n", - creds->computer_name )); + nt_status = netlogon_creds_server_step_check(creds, + received_authenticator, + return_authenticator); + if (!NT_STATUS_IS_OK(nt_status)) { ldb_transaction_cancel(ldb); - return NT_STATUS_ACCESS_DENIED; + talloc_free(creds); + return nt_status; } - if (NT_STATUS_IS_OK(nt_status)) { - nt_status = netlogon_creds_server_step_check(creds, - received_authenticator, - return_authenticator); + nt_status = schannel_store_session_key_ldb(ldb, mem_ctx, creds); + if (!NT_STATUS_IS_OK(nt_status)) { + ldb_transaction_cancel(ldb); + talloc_free(creds); + return nt_status; } - if (NT_STATUS_IS_OK(nt_status)) { - nt_status = schannel_store_session_key_ldb(ldb, mem_ctx, creds); + ldb_transaction_commit(ldb); + if (ret != 0) { + talloc_free(creds); + return NT_STATUS_INTERNAL_DB_CORRUPTION; } - if (NT_STATUS_IS_OK(nt_status)) { - ldb_transaction_commit(ldb); - if (creds_out) { - *creds_out = creds; - talloc_steal(mem_ctx, creds); - } + if (creds_out) { + *creds_out = creds; + talloc_steal(mem_ctx, creds); } else { - ldb_transaction_cancel(ldb); + talloc_free(creds); } - return nt_status; + + return NT_STATUS_OK; } -- 2.11.4.GIT