diff options
| author | Jeremy Allison <jra@samba.org> | 2010-01-15 17:52:54 -0800 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2010-02-24 16:25:09 +0100 |
| commit | b990e6614f462edb4a00f8ea5665f244a3c9ac40 (patch) | |
| tree | 5aa0e5a63e8c25c064e58044c2986bda1a116219 /source/libsmb/libsmb_context.c | |
| parent | e07bdeda53353597787183131cbe44eeeac5ec15 (diff) | |
| download | samba-b990e6614f462edb4a00f8ea5665f244a3c9ac40.tar.gz samba-b990e6614f462edb4a00f8ea5665f244a3c9ac40.tar.xz samba-b990e6614f462edb4a00f8ea5665f244a3c9ac40.zip | |
Fix bug 7045 - Bad (non memory copying) interfaces in smbc_setXXXX calls.
In smbc_free_context libsmbclient just called free() on the string options
so it assumes the callers have malloced them before setting them via smbc_set
calls.
Change to correctly malloc/free string options to the library.
Protect against SMB_STRDUP of null.
Contains 2d41b1ab78639abe4ae030ff482573f464564dd7 and
f85b6ee90b88c7f7b2a92c8a5f3e2ebe59c1087b from master.
Jeremy
(cherry picked from commit edc44312f76e14e94c56e70cf7bb49139f9f081e)
Diffstat (limited to 'source/libsmb/libsmb_context.c')
| -rw-r--r-- | source/libsmb/libsmb_context.c | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/source/libsmb/libsmb_context.c b/source/libsmb/libsmb_context.c index 8e0aa1e3c99..fb14c267f01 100644 --- a/source/libsmb/libsmb_context.c +++ b/source/libsmb/libsmb_context.c @@ -192,13 +192,8 @@ smbc_free_context(SMBCCTX *context, } /* Things we have to clean up */ - free(smbc_getWorkgroup(context)); smbc_setWorkgroup(context, NULL); - - free(smbc_getNetbiosName(context)); smbc_setNetbiosName(context, NULL); - - free(smbc_getUser(context)); smbc_setUser(context, NULL); DEBUG(3, ("Context %p successfully freed\n", context)); @@ -423,7 +418,6 @@ SMBCCTX * smbc_init_context(SMBCCTX *context) { int pid; - char *user = NULL; char *home = NULL; if (!context) { @@ -532,7 +526,7 @@ smbc_init_context(SMBCCTX *context) /* * FIXME: Is this the best way to get the user info? */ - user = getenv("USER"); + char *user = getenv("USER"); /* walk around as "guest" if no username can be found */ if (!user) { user = SMB_STRDUP("guest"); @@ -546,6 +540,12 @@ smbc_init_context(SMBCCTX *context) } smbc_setUser(context, user); + SAFE_FREE(user); + + if (!smbc_getUser(context)) { + errno = ENOMEM; + return NULL; + } } if (!smbc_getNetbiosName(context)) { @@ -578,6 +578,12 @@ smbc_init_context(SMBCCTX *context) } smbc_setNetbiosName(context, netbios_name); + SAFE_FREE(netbios_name); + + if (!smbc_getNetbiosName(context)) { + errno = ENOMEM; + return NULL; + } } DEBUG(1, ("Using netbios name %s.\n", smbc_getNetbiosName(context))); @@ -599,6 +605,12 @@ smbc_init_context(SMBCCTX *context) } smbc_setWorkgroup(context, workgroup); + SAFE_FREE(workgroup); + + if (!smbc_getWorkgroup(context)) { + errno = ENOMEM; + return NULL; + } } DEBUG(1, ("Using workgroup %s.\n", smbc_getWorkgroup(context))); |