s3-auth: Pass mem_ctx to auth_check_ntlm_password().

Coverity-Id: 1168009 BUG: https://bugzilla.samba.org/show_bug.cgi?id=8598 Signed-off-by: Andreas Schneider <asn@samba.org> Change-Id: Ie01674561a6a75239a13918d3190c2f21c3efc7a Reviewed-by: Andrew Bartlett <abartlet@samba.org>
author: Andreas Schneider <asn@samba.org> 2014-02-18 10:19:57 +0100
committer: Andrew Bartlett <abartlet@samba.org> 2014-02-19 11:29:29 +1300
commit: 4d792db03f18aa164b565c7fdc7b446c174fba28 (patch)
tree: 332286e21856eb20c5600780e01cc0da7453decc /source3/auth/auth.c
parent: 3dc72266005e87a291f5bf9847257e8c54314d39 (diff)
download: samba-4d792db03f18aa164b565c7fdc7b446c174fba28.tar.gz
1 files changed, 31 insertions, 19 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index 0fc8b63b599..7718142fc11 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -160,18 +160,19 @@ static bool check_domain_match(const char *user, const char *domain)
  *
  **/
 
-NTSTATUS auth_check_ntlm_password(const struct auth_context *auth_context,
-				  const struct auth_usersupplied_info *user_info, 
-				  struct auth_serversupplied_info **server_info)
+NTSTATUS auth_check_ntlm_password(TALLOC_CTX *mem_ctx,
+				  const struct auth_context *auth_context,
+				  const struct auth_usersupplied_info *user_info,
+				  struct auth_serversupplied_info **pserver_info)
 {
 	/* if all the modules say 'not for me' this is reasonable */
 	NTSTATUS nt_status = NT_STATUS_NO_SUCH_USER;
 	const char *unix_username;
 	auth_methods *auth_method;
-	TALLOC_CTX *mem_ctx;
 
-	if (!user_info || !auth_context || !server_info)
+	if (user_info == NULL || auth_context == NULL || pserver_info == NULL) {
 		return NT_STATUS_LOGON_FAILURE;
+	}
 
 	DEBUG(3, ("check_ntlm_password:  Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n", 
 		  user_info->client.domain_name, user_info->client.account_name, user_info->workstation_name));
@@ -205,17 +206,27 @@ NTSTATUS auth_check_ntlm_password(const struct auth_context *auth_context,
 		return NT_STATUS_LOGON_FAILURE;
 
 	for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) {
+		struct auth_serversupplied_info *server_info;
+		TALLOC_CTX *tmp_ctx;
 		NTSTATUS result;
 
-		mem_ctx = talloc_init("%s authentication for user %s\\%s", auth_method->name,
-				      user_info->mapped.domain_name, user_info->client.account_name);
+		tmp_ctx = talloc_named(mem_ctx,
+				       0,
+				       "%s authentication for user %s\\%s",
+				       auth_method->name,
+				       user_info->mapped.domain_name,
+				       user_info->client.account_name);
 
-		result = auth_method->auth(auth_context, auth_method->private_data, mem_ctx, user_info, server_info);
+		result = auth_method->auth(auth_context,
+					   auth_method->private_data,
+					   tmp_ctx,
+					   user_info,
+					   &server_info);
 
 		/* check if the module did anything */
 		if ( NT_STATUS_V(result) == NT_STATUS_V(NT_STATUS_NOT_IMPLEMENTED) ) {
 			DEBUG(10,("check_ntlm_password: %s had nothing to say\n", auth_method->name));
-			talloc_destroy(mem_ctx);
+			TALLOC_FREE(tmp_ctx);
 			continue;
 		}
 
@@ -229,19 +240,20 @@ NTSTATUS auth_check_ntlm_password(const struct auth_context *auth_context,
 				  auth_method->name, user_info->client.account_name, nt_errstr(nt_status)));
 		}
 
-		talloc_destroy(mem_ctx);
-
-		if ( NT_STATUS_IS_OK(nt_status))
-		{
-				break;			
+		if (NT_STATUS_IS_OK(nt_status)) {
+			*pserver_info = talloc_steal(mem_ctx, server_info);
+			TALLOC_FREE(tmp_ctx);
+			break;
 		}
+
+		TALLOC_FREE(tmp_ctx);
 	}
 
 	/* successful authentication */
 
 	if (NT_STATUS_IS_OK(nt_status)) {
-		unix_username = (*server_info)->unix_name;
-		if (!(*server_info)->guest) {
+		unix_username = (*pserver_info)->unix_name;
+		if (!(*pserver_info)->guest) {
 			const char *rhost;
 
 			if (tsocket_address_is_inet(user_info->remote_host, "ip")) {
@@ -270,9 +282,9 @@ NTSTATUS auth_check_ntlm_password(const struct auth_context *auth_context,
 		}
 
 		if (NT_STATUS_IS_OK(nt_status)) {
-			DEBUG((*server_info)->guest ? 5 : 2, 
+			DEBUG((*pserver_info)->guest ? 5 : 2,
 			      ("check_ntlm_password:  %sauthentication for user [%s] -> [%s] -> [%s] succeeded\n",
-			       (*server_info)->guest ? "guest " : "",
+			       (*pserver_info)->guest ? "guest " : "",
 			       user_info->client.account_name,
 			       user_info->mapped.account_name,
 			       unix_username));
@@ -286,7 +298,7 @@ NTSTATUS auth_check_ntlm_password(const struct auth_context *auth_context,
 	DEBUG(2, ("check_ntlm_password:  Authentication for user [%s] -> [%s] FAILED with error %s\n",
 		  user_info->client.account_name, user_info->mapped.account_name,
 		  nt_errstr(nt_status)));
-	ZERO_STRUCTP(server_info);
+	ZERO_STRUCTP(pserver_info);
 
 	return nt_status;
 }
author	Andreas Schneider <asn@samba.org>	2014-02-18 10:19:57 +0100
committer	Andrew Bartlett <abartlet@samba.org>	2014-02-19 11:29:29 +1300
commit	4d792db03f18aa164b565c7fdc7b446c174fba28 (patch)
tree	332286e21856eb20c5600780e01cc0da7453decc /source3/auth/auth.c
parent	3dc72266005e87a291f5bf9847257e8c54314d39 (diff)
download	samba-4d792db03f18aa164b565c7fdc7b446c174fba28.tar.gz