diff options
| author | Jeremy Allison <jra@samba.org> | 2010-01-15 17:52:54 -0800 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2010-02-24 16:25:09 +0100 |
| commit | b990e6614f462edb4a00f8ea5665f244a3c9ac40 (patch) | |
| tree | 5aa0e5a63e8c25c064e58044c2986bda1a116219 | |
| parent | e07bdeda53353597787183131cbe44eeeac5ec15 (diff) | |
| download | samba-b990e6614f462edb4a00f8ea5665f244a3c9ac40.tar.gz samba-b990e6614f462edb4a00f8ea5665f244a3c9ac40.tar.xz samba-b990e6614f462edb4a00f8ea5665f244a3c9ac40.zip | |
Fix bug 7045 - Bad (non memory copying) interfaces in smbc_setXXXX calls.
In smbc_free_context libsmbclient just called free() on the string options
so it assumes the callers have malloced them before setting them via smbc_set
calls.
Change to correctly malloc/free string options to the library.
Protect against SMB_STRDUP of null.
Contains 2d41b1ab78639abe4ae030ff482573f464564dd7 and
f85b6ee90b88c7f7b2a92c8a5f3e2ebe59c1087b from master.
Jeremy
(cherry picked from commit edc44312f76e14e94c56e70cf7bb49139f9f081e)
| -rw-r--r-- | source/libsmb/libsmb_context.c | 26 | ||||
| -rw-r--r-- | source/libsmb/libsmb_setget.c | 15 |
2 files changed, 31 insertions, 10 deletions
diff --git a/source/libsmb/libsmb_context.c b/source/libsmb/libsmb_context.c index 8e0aa1e3c99..fb14c267f01 100644 --- a/source/libsmb/libsmb_context.c +++ b/source/libsmb/libsmb_context.c @@ -192,13 +192,8 @@ smbc_free_context(SMBCCTX *context, } /* Things we have to clean up */ - free(smbc_getWorkgroup(context)); smbc_setWorkgroup(context, NULL); - - free(smbc_getNetbiosName(context)); smbc_setNetbiosName(context, NULL); - - free(smbc_getUser(context)); smbc_setUser(context, NULL); DEBUG(3, ("Context %p successfully freed\n", context)); @@ -423,7 +418,6 @@ SMBCCTX * smbc_init_context(SMBCCTX *context) { int pid; - char *user = NULL; char *home = NULL; if (!context) { @@ -532,7 +526,7 @@ smbc_init_context(SMBCCTX *context) /* * FIXME: Is this the best way to get the user info? */ - user = getenv("USER"); + char *user = getenv("USER"); /* walk around as "guest" if no username can be found */ if (!user) { user = SMB_STRDUP("guest"); @@ -546,6 +540,12 @@ smbc_init_context(SMBCCTX *context) } smbc_setUser(context, user); + SAFE_FREE(user); + + if (!smbc_getUser(context)) { + errno = ENOMEM; + return NULL; + } } if (!smbc_getNetbiosName(context)) { @@ -578,6 +578,12 @@ smbc_init_context(SMBCCTX *context) } smbc_setNetbiosName(context, netbios_name); + SAFE_FREE(netbios_name); + + if (!smbc_getNetbiosName(context)) { + errno = ENOMEM; + return NULL; + } } DEBUG(1, ("Using netbios name %s.\n", smbc_getNetbiosName(context))); @@ -599,6 +605,12 @@ smbc_init_context(SMBCCTX *context) } smbc_setWorkgroup(context, workgroup); + SAFE_FREE(workgroup); + + if (!smbc_getWorkgroup(context)) { + errno = ENOMEM; + return NULL; + } } DEBUG(1, ("Using workgroup %s.\n", smbc_getWorkgroup(context))); diff --git a/source/libsmb/libsmb_setget.c b/source/libsmb/libsmb_setget.c index 3493e4f8dd2..7113c62cf4b 100644 --- a/source/libsmb/libsmb_setget.c +++ b/source/libsmb/libsmb_setget.c @@ -39,7 +39,10 @@ smbc_getNetbiosName(SMBCCTX *c) void smbc_setNetbiosName(SMBCCTX *c, char * netbios_name) { - c->netbios_name = netbios_name; + SAFE_FREE(c->netbios_name); + if (netbios_name) { + c->netbios_name = SMB_STRDUP(netbios_name); + } } /** Get the workgroup used for making connections */ @@ -53,7 +56,10 @@ smbc_getWorkgroup(SMBCCTX *c) void smbc_setWorkgroup(SMBCCTX *c, char * workgroup) { - c->workgroup = workgroup; + SAFE_FREE(c->workgroup); + if (workgroup) { + c->workgroup = SMB_STRDUP(workgroup); + } } /** Get the username used for making connections */ @@ -67,7 +73,10 @@ smbc_getUser(SMBCCTX *c) void smbc_setUser(SMBCCTX *c, char * user) { - c->user = user; + SAFE_FREE(c->user); + if (user) { + c->user = SMB_STRDUP(user); + } } /** Get the debug level */ |