authorSamuel Cabrero <scabrero@suse.de>2022-06-13 13:56:10 +0200
committerJeremy Allison <jra@samba.org>2022-06-27 15:50:30 +0000
commitd64335eaef5ad690ea923a8e6656b9185a54d9fa (patch)
tree4b4ac7870c47207d7db997bb33fef581cf77d268
parentc1ab39163bbaf8ef9c8dc92b1d14c3f6cb56456c (diff)
downloadsamba-d64335eaef5ad690ea923a8e6656b9185a54d9fa.tar.gz
s3:libads: Allocate ads->auth.password under ADS_STRUCT talloc context
Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
-rw-r--r--libgpo/pygpo.c31
-rw-r--r--source3/lib/netapi/joindomain.c14
-rw-r--r--source3/libads/ads_struct.c1
-rw-r--r--source3/libnet/libnet_join.c8
-rw-r--r--source3/printing/nt_printing_ads.c47
-rw-r--r--source3/utils/net_ads.c8
-rw-r--r--source3/utils/net_ads_join_dns.c15
-rw-r--r--source3/winbindd/winbindd_ads.c8
8 files changed, 95 insertions, 37 deletions
diff --git a/libgpo/pygpo.c b/libgpo/pygpo.c
index 85a4aaa1581..b9570b24d82 100644
--- a/libgpo/pygpo.c
+++ b/libgpo/pygpo.c
@@ -230,13 +230,17 @@ static PyObject* py_ads_connect(ADS *self,
return NULL;
}
SAFE_FREE(self->ads_ptr->auth.user_name);
- SAFE_FREE(self->ads_ptr->auth.password);
+ TALLOC_FREE(self->ads_ptr->auth.password);
TALLOC_FREE(self->ads_ptr->auth.realm);
if (self->cli_creds) {
self->ads_ptr->auth.user_name =
SMB_STRDUP(cli_credentials_get_username(self->cli_creds));
- self->ads_ptr->auth.password =
- SMB_STRDUP(cli_credentials_get_password(self->cli_creds));
+ self->ads_ptr->auth.password = talloc_strdup(self->ads_ptr,
+ cli_credentials_get_password(self->cli_creds));
+ if (self->ads_ptr->auth.password == NULL) {
+ PyErr_NoMemory();
+ goto err;
+ }
self->ads_ptr->auth.realm = talloc_strdup(self->ads_ptr,
cli_credentials_get_realm(self->cli_creds));
if (self->ads_ptr->auth.realm == NULL) {
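Review bot: A missing password is reported as an allocation failure in the added check after `talloc_strdup(self->ads_ptr, cli_credentials_get_password(self->cli_creds))`. `talloc_strdup()` returns NULL when its source string is NULL, so credentials that carry no password would raise `PyErr_NoMemory()`. Fetching the value first, `const char *pw = cli_credentials_get_password(self->cli_creds);`, and duplicating only when `pw != NULL` (or raising a distinct error) keeps the two cases apart. The same applies to `talloc_strdup(ads, password)` in the winbindd_ads.c hunk if that parameter may be NULL. The `if (self->cli_creds)` block continues past the end of this hunk.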
@@ -254,22 +258,29 @@ static PyObject* py_ads_connect(ADS *self,
goto err;
}
- passwd = secrets_fetch_machine_password(self->ads_ptr->server.workgroup,
- NULL, NULL);
+ ret = asprintf(&(self->ads_ptr->auth.user_name), "%s$",
+ lp_netbios_name());
+ if (ret == -1) {
+ PyErr_NoMemory();
+ goto err;
+ }
+
+ passwd = secrets_fetch_machine_password(
+ self->ads_ptr->server.workgroup, NULL, NULL);
if (passwd == NULL) {
PyErr_SetString(PyExc_RuntimeError,
"Failed to fetch the machine account "
"password");
goto err;
}
- ret = asprintf(&(self->ads_ptr->auth.user_name), "%s$",
- lp_netbios_name());
- if (ret == -1) {
- SAFE_FREE(passwd);
+
+ self->ads_ptr->auth.password = talloc_strdup(self->ads_ptr,
+ passwd);
+ SAFE_FREE(passwd);
+ if (self->ads_ptr->auth.password == NULL) {
PyErr_NoMemory();
goto err;
}
- self->ads_ptr->auth.password = passwd; /* take ownership of this data */
self->ads_ptr->auth.realm = talloc_asprintf_strupper_m(
self->ads_ptr, "%s", self->ads_ptr->server.realm);
if (self->ads_ptr->auth.realm == NULL) {
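Review bot: The machine account password is released with plain `SAFE_FREE(passwd)`, and the talloc copy has no scrubbing destructor, so the cleartext secret can remain in freed heap memory after both are released. Marking the copy right after its NULL check with `talloc_keep_secret(self->ads_ptr->auth.password);` (declared in lib/util/talloc_keep_secret.h, if this file does not already include it) would zero it when it is freed. The malloc'ed `passwd` buffer should likewise be cleared before it is freed. The same fetch, duplicate and free sequence appears in the nt_printing_ads.c and net_ads_join_dns.c hunks. py_ads_connect starts and ends outside this hunk.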
diff --git a/source3/lib/netapi/joindomain.c b/source3/lib/netapi/joindomain.c
index 7438e8407be..aa0cefe163e 100644
--- a/source3/lib/netapi/joindomain.c
+++ b/source3/lib/netapi/joindomain.c
@@ -446,15 +446,23 @@ WERROR NetGetJoinableOUs_l(struct libnetapi_ctx *ctx,
}
}
- SAFE_FREE(ads->auth.password);
+ TALLOC_FREE(ads->auth.password);
if (r->in.password) {
- ads->auth.password = SMB_STRDUP(r->in.password);
+ ads->auth.password = talloc_strdup(ads, r->in.password);
+ if (ads->auth.password == NULL) {
+ ret = WERR_NOT_ENOUGH_MEMORY;
+ goto out;
+ }
} else {
const char *password = NULL;
libnetapi_get_password(ctx, &password);
if (password != NULL) {
- ads->auth.password = SMB_STRDUP(password);
+ ads->auth.password = talloc_strdup(ads, password);
+ if (ads->auth.password == NULL) {
+ ret = WERR_NOT_ENOUGH_MEMORY;
+ goto out;
+ }
}
}
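Review bot: The duplicate-and-check block is now written twice in this hunk, once for `r->in.password` and once for the value from `libnetapi_get_password()`. Choosing the source first, `const char *password = r->in.password;` followed by `if (password == NULL) { libnetapi_get_password(ctx, &password); }`, leaves a single `talloc_strdup(ads, password)` with one `WERR_NOT_ENOUGH_MEMORY` path to maintain. NetGetJoinableOUs_l starts and ends outside this hunk, so the `out` label and what it frees are not visible here.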
diff --git a/source3/libads/ads_struct.c b/source3/libads/ads_struct.c
index e344d42ae43..b1ae510aafd 100644
--- a/source3/libads/ads_struct.c
+++ b/source3/libads/ads_struct.c
@@ -130,7 +130,6 @@ static void ads_destroy(ADS_STRUCT **ads)
#ifdef HAVE_LDAP
ads_disconnect(*ads);
#endif
- SAFE_FREE((*ads)->auth.password);
SAFE_FREE((*ads)->auth.user_name);
SAFE_FREE((*ads)->auth.kdc_server);
SAFE_FREE((*ads)->auth.ccache_name);
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 4dd6ab5410a..0ec5ff4c1d8 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -185,8 +185,12 @@ static ADS_STATUS libnet_connect_ads(const char *dns_domain_name,
}
if (password) {
- SAFE_FREE(my_ads->auth.password);
- my_ads->auth.password = SMB_STRDUP(password);
+ TALLOC_FREE(my_ads->auth.password);
+ my_ads->auth.password = talloc_strdup(my_ads, password);
+ if (my_ads->auth.password == NULL) {
+ status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
+ goto out;
+ }
}
if (ccname != NULL) {
diff --git a/source3/printing/nt_printing_ads.c b/source3/printing/nt_printing_ads.c
index 026605372c0..ff41baad5a2 100644
--- a/source3/printing/nt_printing_ads.c
+++ b/source3/printing/nt_printing_ads.c
@@ -220,12 +220,8 @@ WERROR nt_printer_guid_retrieve(TALLOC_CTX *mem_ctx, const char *printer,
char *printer_dn;
WERROR result;
ADS_STATUS ads_status;
- TALLOC_CTX *tmp_ctx;
-
- tmp_ctx = talloc_new(mem_ctx);
- if (tmp_ctx == NULL) {
- return WERR_NOT_ENOUGH_MEMORY;
- }
+ TALLOC_CTX *tmp_ctx = talloc_stackframe();
+ char *machine_password = NULL;
ads = ads_init(tmp_ctx,
lp_realm(),
@@ -239,9 +235,17 @@ WERROR nt_printer_guid_retrieve(TALLOC_CTX *mem_ctx, const char *printer,
old_krb5ccname = getenv(KRB5_ENV_CCNAME);
setenv(KRB5_ENV_CCNAME, "MEMORY:prtpub_cache", 1);
- SAFE_FREE(ads->auth.password);
- ads->auth.password = secrets_fetch_machine_password(lp_workgroup(),
+ TALLOC_FREE(ads->auth.password);
+ machine_password = secrets_fetch_machine_password(lp_workgroup(),
NULL, NULL);
+ if (machine_password != NULL) {
+ ads->auth.password = talloc_strdup(ads, machine_password);
+ SAFE_FREE(machine_password);
+ if (ads->auth.password == NULL) {
+ result = WERR_NOT_ENOUGH_MEMORY;
+ goto out;
+ }
+ }
ads_status = ads_connect(ads);
if (!ADS_ERR_OK(ads_status)) {
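Review bot: When `secrets_fetch_machine_password()` returns NULL, the new `if (machine_password != NULL)` block is skipped without any trace. `ads_connect(ads)` then runs with `ads->auth.password` left NULL by the preceding `TALLOC_FREE`. That matches the old behaviour, but a log line in an else branch, for example `DBG_WARNING("Failed to fetch machine password\n");`, would make a later authentication failure easier to diagnose. The identical block is repeated in the nt_printer_publish and check_published_printers hunks below; a small static helper returning WERROR would keep the three in step. nt_printer_guid_retrieve continues outside this hunk.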
@@ -647,6 +651,7 @@ WERROR nt_printer_publish(TALLOC_CTX *mem_ctx,
ADS_STRUCT *ads = NULL;
WERROR win_rc;
char *old_krb5ccname = NULL;
+ char *machine_password = NULL;
sinfo2 = talloc_zero(tmp_ctx, struct spoolss_SetPrinterInfo2);
if (!sinfo2) {
@@ -693,9 +698,17 @@ WERROR nt_printer_publish(TALLOC_CTX *mem_ctx,
}
old_krb5ccname = getenv(KRB5_ENV_CCNAME);
setenv(KRB5_ENV_CCNAME, "MEMORY:prtpub_cache", 1);
- SAFE_FREE(ads->auth.password);
- ads->auth.password = secrets_fetch_machine_password(lp_workgroup(),
+ TALLOC_FREE(ads->auth.password);
+ machine_password = secrets_fetch_machine_password(lp_workgroup(),
NULL, NULL);
+ if (machine_password != NULL) {
+ ads->auth.password = talloc_strdup(ads, machine_password);
+ SAFE_FREE(machine_password);
+ if (ads->auth.password == NULL) {
+ win_rc = WERR_NOT_ENOUGH_MEMORY;
+ goto done;
+ }
+ }
/* ads_connect() will find the DC for us */
ads_rc = ads_connect(ads);
@@ -741,6 +754,7 @@ WERROR check_published_printers(struct messaging_context *msg_ctx)
NTSTATUS status;
WERROR result;
char *old_krb5ccname = NULL;
+ char *machine_password = NULL;
ads = ads_init(tmp_ctx,
lp_realm(),
@@ -754,10 +768,17 @@ WERROR check_published_printers(struct messaging_context *msg_ctx)
}
old_krb5ccname = getenv(KRB5_ENV_CCNAME);
setenv(KRB5_ENV_CCNAME, "MEMORY:prtpub_cache", 1);
- SAFE_FREE(ads->auth.password);
- ads->auth.password = secrets_fetch_machine_password(lp_workgroup(),
+ TALLOC_FREE(ads->auth.password);
+ machine_password = secrets_fetch_machine_password(lp_workgroup(),
NULL, NULL);
-
+ if (machine_password != NULL) {
+ ads->auth.password = talloc_strdup(ads, machine_password);
+ SAFE_FREE(machine_password);
+ if (ads->auth.password == NULL) {
+ result = WERR_NOT_ENOUGH_MEMORY;
+ goto done;
+ }
+ }
/* ads_connect() will find the DC for us */
ads_rc = ads_connect(ads);
if (!ADS_ERR_OK(ads_rc)) {
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 11efde7947f..008e0e89be2 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -659,8 +659,12 @@ retry:
if (c->opt_password) {
use_in_memory_ccache();
- SAFE_FREE(ads->auth.password);
- ads->auth.password = smb_xstrdup(c->opt_password);
+ TALLOC_FREE(ads->auth.password);
+ ads->auth.password = talloc_strdup(ads, c->opt_password);
+ if (ads->auth.password == NULL) {
+ TALLOC_FREE(ads);
+ return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
+ }
}
SAFE_FREE(ads->auth.user_name);
diff --git a/source3/utils/net_ads_join_dns.c b/source3/utils/net_ads_join_dns.c
index 286a77c5c9d..1009f510e3b 100644
--- a/source3/utils/net_ads_join_dns.c
+++ b/source3/utils/net_ads_join_dns.c
@@ -244,6 +244,7 @@ void net_ads_join_dns_updates(struct net_context *c, TALLOC_CTX *ctx, struct lib
ADS_STRUCT *ads_dns = NULL;
int ret;
NTSTATUS status;
+ char *machine_password = NULL;
/*
* In a clustered environment, don't do dynamic dns updates:
@@ -289,11 +290,17 @@ void net_ads_join_dns_updates(struct net_context *c, TALLOC_CTX *ctx, struct lib
goto done;
}
- ads_dns->auth.password = secrets_fetch_machine_password(
+ machine_password = secrets_fetch_machine_password(
r->out.netbios_domain_name, NULL, NULL);
- if (ads_dns->auth.password == NULL) {
- d_fprintf(stderr, _("DNS update failed: out of memory\n"));
- goto done;
+ if (machine_password != NULL) {
+ ads_dns->auth.password = talloc_strdup(ads_dns,
+ machine_password);
+ SAFE_FREE(machine_password);
+ if (ads_dns->auth.password == NULL) {
+ d_fprintf(stderr,
+ _("DNS update failed: out of memory\n"));
+ goto done;
+ }
}
ads_dns->auth.realm = talloc_asprintf_strupper_m(ads_dns, "%s", r->out.dns_domain_name);
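Review bot: A failed `secrets_fetch_machine_password()` no longer stops the DNS update. The old code printed an error and jumped to `done` when the result was NULL, while the new `if (machine_password != NULL)` skips the assignment and carries on with `ads_dns->auth.password` unset. Unless that is intended, keep the early exit for the fetch failure and give it its own message, separate from the out-of-memory case of `talloc_strdup()`. net_ads_join_dns_updates starts and ends outside this hunk.

```c
machine_password = secrets_fetch_machine_password(
	r->out.netbios_domain_name, NULL, NULL);
if (machine_password == NULL) {
	/* Fetch failure is not an allocation failure: report it as such. */
	d_fprintf(stderr,
		  _("DNS update failed: could not fetch machine password\n"));
	goto done;
}
ads_dns->auth.password = talloc_strdup(ads_dns, machine_password);
SAFE_FREE(machine_password);
if (ads_dns->auth.password == NULL) {
	d_fprintf(stderr, _("DNS update failed: out of memory\n"));
	goto done;
}
```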
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 4da52a40f93..d2b0962ac71 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -125,11 +125,15 @@ static ADS_STATUS ads_cached_connection_connect(const char *target_realm,
goto out;
}
- SAFE_FREE(ads->auth.password);
+ TALLOC_FREE(ads->auth.password);
TALLOC_FREE(ads->auth.realm);
ads->auth.renewable = renewable;
- ads->auth.password = password;
+ ads->auth.password = talloc_strdup(ads, password);
+ if (ads->auth.password == NULL) {
+ status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
+ goto out;
+ }
/* In FIPS mode, client use kerberos is forced to required. */
krb5_state = lp_client_use_kerberos();
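Review bot: Ownership of `password` changes in this hunk. The old assignment `ads->auth.password = password;` handed the caller's buffer to the ADS_STRUCT, whereas `talloc_strdup(ads, password)` leaves the original with the caller. The parameter declaration and the callers are not visible here, so it should be confirmed that every caller now frees its buffer on both the success and the `goto out` paths. Otherwise each connection attempt would leak a copy of the cleartext machine password. A short comment above the assignment, such as `/* password is copied; the caller keeps ownership */`, would record the new contract.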