4 files changed, 47 insertions, 28 deletions

diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c
index 7ed8cc2341..b6cac60dd3 100644
--- a/source3/auth/check_samsec.c
+++ b/source3/auth/check_samsec.c
@@ -482,7 +482,7 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge,
 	}
 
 	become_root();
-	nt_status = make_server_info_sam(server_info, sampass);
+	nt_status = make_server_info_sam(mem_ctx, sampass, server_info);
 	unbecome_root();
 
 	TALLOC_FREE(sampass);
diff --git a/source3/auth/proto.h b/source3/auth/proto.h
index 7abca07951..eac3e5406f 100644
--- a/source3/auth/proto.h
+++ b/source3/auth/proto.h
@@ -190,8 +190,9 @@ bool make_user_info_guest(const struct tsocket_address *remote_address,
 			  struct auth_usersupplied_info **user_info);
 
 struct samu;
-NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
-			      struct samu *sampass);
+NTSTATUS make_server_info_sam(TALLOC_CTX *mem_ctx,
+			      struct samu *sampass,
+			      struct auth_serversupplied_info **pserver_info);
 NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
 			    const struct auth_serversupplied_info *server_info,
 			    DATA_BLOB *session_key,
diff --git a/source3/auth/server_info_sam.c b/source3/auth/server_info_sam.c
index 5d657f90c8..47087b1b4f 100644
--- a/source3/auth/server_info_sam.c
+++ b/source3/auth/server_info_sam.c
@@ -58,39 +58,51 @@ static bool is_our_machine_account(const char *username)
  Make (and fill) a user_info struct from a struct samu
 ***************************************************************************/
 
-NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
-			      struct samu *sampass)
+NTSTATUS make_server_info_sam(TALLOC_CTX *mem_ctx,
+			      struct samu *sampass,
+			      struct auth_serversupplied_info **pserver_info)
 {
 	struct passwd *pwd;
-	struct auth_serversupplied_info *result;
+	struct auth_serversupplied_info *server_info;
 	const char *username = pdb_get_username(sampass);
+	TALLOC_CTX *tmp_ctx;
 	NTSTATUS status;
 
-	if ( !(result = make_server_info(NULL)) ) {
+	tmp_ctx = talloc_stackframe();
+	if (tmp_ctx == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	if ( !(pwd = Get_Pwnam_alloc(result, username)) ) {
+	server_info = make_server_info(tmp_ctx);
+	if (server_info == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	pwd = Get_Pwnam_alloc(tmp_ctx, username);
+	if (pwd == NULL) {
 		DEBUG(1, ("User %s in passdb, but getpwnam() fails!\n",
 			  pdb_get_username(sampass)));
-		TALLOC_FREE(result);
-		return NT_STATUS_NO_SUCH_USER;
+		status = NT_STATUS_NO_SUCH_USER;
+		goto out;
 	}
 
-	status = samu_to_SamInfo3(result, sampass, lp_netbios_name(),
-				  &result->info3, &result->extra);
+	status = samu_to_SamInfo3(server_info,
+				  sampass,
+				  lp_netbios_name(),
+				  &server_info->info3,
+				  &server_info->extra);
 	if (!NT_STATUS_IS_OK(status)) {
-		TALLOC_FREE(result);
-		return status;
+		goto out;
 	}
 
-	result->unix_name = pwd->pw_name;
-	/* Ensure that we keep pwd->pw_name, because we will free pwd below */
-	talloc_steal(result, pwd->pw_name);
-	result->utok.gid = pwd->pw_gid;
-	result->utok.uid = pwd->pw_uid;
+	server_info->unix_name = talloc_strdup(server_info, pwd->pw_name);
+	if (server_info->unix_name == NULL) {
+		status = NT_STATUS_NO_MEMORY;
+		goto out;
+	}
 
-	TALLOC_FREE(pwd);
+	server_info->utok.gid = pwd->pw_gid;
+	server_info->utok.uid = pwd->pw_uid;
 
 	if (IS_DC && is_our_machine_account(username)) {
 		/*
@@ -110,9 +122,13 @@ NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
 	}
 
 	DEBUG(5,("make_server_info_sam: made server info for user %s -> %s\n",
-		 pdb_get_username(sampass), result->unix_name));
+		 pdb_get_username(sampass), server_info->unix_name));
+
+	*pserver_info = talloc_steal(mem_ctx, server_info);
 
-	*server_info = result;
+	status = NT_STATUS_OK;
+out:
+	talloc_free(tmp_ctx);
 
-	return NT_STATUS_OK;
+	return status;
 }
diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c
index 2650e27feb..6b8fad2c0a 100644
--- a/source3/auth/user_krb5.c
+++ b/source3/auth/user_krb5.c
@@ -223,9 +223,6 @@ NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx,
 		 * SID consistency with ntlmssp session setup
 		 */
 		struct samu *sampass;
-		/* The stupid make_server_info_XX functions here
-		   don't take a talloc context. */
-		struct auth_serversupplied_info *tmp = NULL;
 
 		sampass = samu_new(talloc_tos());
 		if (sampass == NULL) {
@@ -235,14 +232,19 @@ NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx,
 		if (pdb_getsampwnam(sampass, username)) {
 			DEBUG(10, ("found user %s in passdb, calling "
 				   "make_server_info_sam\n", username));
-			status = make_server_info_sam(&tmp, sampass);
+			status = make_server_info_sam(mem_ctx,
+						      sampass,
+						      &server_info);
 		} else {
 			/*
 			 * User not in passdb, make it up artificially
 			 */
 			DEBUG(10, ("didn't find user %s in passdb, calling "
 				   "make_server_info_pw\n", username));
-			status = make_server_info_pw(mem_ctx, username, pw, &tmp);
+			status = make_server_info_pw(mem_ctx,
+						     username,
+						     pw,
+						     &server_info);
 		}
 
 		TALLOC_FREE(sampass);