diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2017-09-20 22:26:20 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-10-05 20:01:43 +0200 |
commit | 381bc154ef06fd3cc0660ce0fd62504367f420f5 (patch) | |
tree | 9635209fb982ca07105b5ac2d542b58c64c5f663 | |
parent | 613a832d5bbf4c8174adbc1dcd881c59660cb0f1 (diff) | |
download | sssd-381bc154ef06fd3cc0660ce0fd62504367f420f5.tar.gz sssd-381bc154ef06fd3cc0660ce0fd62504367f420f5.tar.xz sssd-381bc154ef06fd3cc0660ce0fd62504367f420f5.zip |
GPO: Don't use freed LDAPURLDesc if domain for AD DC cannot be found
If a referral returned during AD GPO processing cannot be assigned to a
known domain, at the moment SSSD accesses memory that was freed
previously with ldap_free_urldesc().
This patch moves the ldap_free_urldesc() call to both the error handler
and the success branch after we are done working with the LDAPURLDesc
instance.
Reviewed-by: Fabiano FidĂȘncio <fidencio@redhat.com>
-rw-r--r-- | src/providers/ad/ad_gpo.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/providers/ad/ad_gpo.c b/src/providers/ad/ad_gpo.c index 2ee284bdc..a5237f6fa 100644 --- a/src/providers/ad/ad_gpo.c +++ b/src/providers/ad/ad_gpo.c @@ -4354,7 +4354,7 @@ ad_gpo_get_sd_referral_send(TALLOC_CTX *mem_ctx, struct tevent_req *req; struct ad_gpo_get_sd_referral_state *state; struct tevent_req *subreq; - LDAPURLDesc *lud; + LDAPURLDesc *lud = NULL; req = tevent_req_create(mem_ctx, &state, struct ad_gpo_get_sd_referral_state); @@ -4390,15 +4390,18 @@ ad_gpo_get_sd_referral_send(TALLOC_CTX *mem_ctx, */ state->ref_domain = find_domain_by_name(state->host_domain, lud->lud_host, true); - ldap_free_urldesc(lud); if (!state->ref_domain) { DEBUG(SSSDBG_CRIT_FAILURE, "Could not find domain matching [%s]\n", lud->lud_host); + ldap_free_urldesc(lud); ret = EIO; goto done; } + ldap_free_urldesc(lud); + lud = NULL; + state->conn = ad_get_dom_ldap_conn(state->access_ctx->ad_id_ctx, state->ref_domain); if (!state->conn) { |