diff options
| author | Sumit Bose <sbose@redhat.com> | 2013-04-26 09:21:43 +0200 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2013-05-02 16:57:12 -0400 |
| commit | 0f43cd6ea0d4528638e14a544c62d53e439778e6 (patch) | |
| tree | ff6a75a8d8d8707f162f6420db00c8997322c677 | |
| parent | 631b3cf7cd85d310773e84569bf29b37ff5cec1b (diff) | |
| download | freeipa-0f43cd6ea0d4528638e14a544c62d53e439778e6.tar.gz freeipa-0f43cd6ea0d4528638e14a544c62d53e439778e6.tar.xz freeipa-0f43cd6ea0d4528638e14a544c62d53e439778e6.zip | |
Do not store SID string in a local buffer
https://fedorahosted.org/freeipa/ticket/3596
| -rw-r--r-- | daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c b/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c index e532807aa..ef474d3a1 100644 --- a/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c +++ b/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c @@ -432,7 +432,8 @@ int create_response(struct extdom_req *req, struct domain_info *domain_info, struct extdom_res *res; uint32_t id; enum idmap_error_code err; - char sid_str[WBC_SID_STRING_BUFLEN + 1]; + char *sid_str; + wbcErr werr; res = malloc(sizeof(struct extdom_res)); if (res == NULL) { @@ -450,9 +451,8 @@ int create_response(struct extdom_req *req, struct domain_info *domain_info, case INP_NAME: res->response_type = RESP_SID; - len = wbcSidToStringBuf(sid, sid_str, - WBC_SID_STRING_BUFLEN); - if (len + 1 > WBC_SID_STRING_BUFLEN) { + werr = wbcSidToString(sid, &sid_str); + if (!WBC_ERROR_IS_OK(werr)) { ret = EINVAL; goto done; } @@ -465,13 +465,14 @@ int create_response(struct extdom_req *req, struct domain_info *domain_info, } break; case REQ_FULL: - len = wbcSidToStringBuf(sid, sid_str, WBC_SID_STRING_BUFLEN); - if (len + 1 > WBC_SID_STRING_BUFLEN) { + len = wbcSidToString(sid, &sid_str); + if (!WBC_ERROR_IS_OK(werr)) { ret = EINVAL; goto done; } err = sss_idmap_sid_to_unix(domain_info->idmap_ctx, sid_str, &id); + wbcFreeMemory(sid_str); if (err != IDMAP_SUCCESS) { ret = EINVAL; goto done; @@ -566,6 +567,7 @@ int pack_response(struct extdom_res *res, struct berval **ret_val) switch (res->response_type) { case RESP_SID: ret = ber_printf(ber,"{es}", res->response_type, res->data.sid); + wbcFreeMemory(res->data.sid); break; case RESP_NAME: ret = ber_printf(ber,"{e{ss}}", res->response_type, |