summaryrefslogtreecommitdiff
path: root/source3/libgpo
diff options
context:
space:
mode:
authorDavid Disseldorp <ddiss@samba.org>2014-10-06 18:21:14 +0200
committerJeremy Allison <jra@samba.org>2014-10-06 19:18:05 +0200
commit3c592eaac6db32843cde480226424e71312a853f (patch)
tree815e45508f9b2c5e69c35d2af8b75bfe8c5ebd03 /source3/libgpo
parente8ee9bb66e765433e94f03d46ccb66459bb5fc3f (diff)
downloadsamba-3c592eaac6db32843cde480226424e71312a853f.tar.gz
gpo: don't leak cache_path onto talloc tos
Also check for allocation failures. Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source3/libgpo')
-rw-r--r--source3/libgpo/gpext/registry.c20
-rw-r--r--source3/libgpo/gpext/scripts.c24
-rw-r--r--source3/libgpo/gpext/security.c7
3 files changed, 38 insertions, 13 deletions
diff --git a/source3/libgpo/gpext/registry.c b/source3/libgpo/gpext/registry.c
index b51bc305a20..a24485cd448 100644
--- a/source3/libgpo/gpext/registry.c
+++ b/source3/libgpo/gpext/registry.c
@@ -287,6 +287,10 @@ static NTSTATUS registry_process_group_policy(TALLOC_CTX *mem_ctx,
size_t num_entries = 0;
char *unix_path = NULL;
const struct GROUP_POLICY_OBJECT *gpo;
+ char *gpo_cache_path = cache_path(GPO_CACHE_DIR);
+ if (gpo_cache_path == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
/* implementation of the policy callback function, see
* http://msdn.microsoft.com/en-us/library/aa373494%28v=vs.85%29.aspx
@@ -304,9 +308,11 @@ static NTSTATUS registry_process_group_policy(TALLOC_CTX *mem_ctx,
gpext_debug_header(0, "registry_process_group_policy", flags,
gpo, GP_EXT_GUID_REGISTRY, NULL);
- status = gpo_get_unix_path(mem_ctx, cache_path(GPO_CACHE_DIR),
+ status = gpo_get_unix_path(mem_ctx, gpo_cache_path,
gpo, &unix_path);
- NT_STATUS_NOT_OK_RETURN(status);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto err_cache_path_free;
+ }
status = reg_parse_registry(mem_ctx,
flags,
@@ -316,7 +322,7 @@ static NTSTATUS registry_process_group_policy(TALLOC_CTX *mem_ctx,
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("failed to parse registry: %s\n",
nt_errstr(status)));
- return status;
+ goto err_cache_path_free;
}
dump_reg_entries(flags, "READ", entries, num_entries);
@@ -326,11 +332,15 @@ static NTSTATUS registry_process_group_policy(TALLOC_CTX *mem_ctx,
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("failed to apply registry: %s\n",
win_errstr(werr)));
- return werror_to_ntstatus(werr);
+ status = werror_to_ntstatus(werr);
+ goto err_cache_path_free;
}
}
+ status = NT_STATUS_OK;
- return NT_STATUS_OK;
+err_cache_path_free:
+ talloc_free(gpo_cache_path);
+ return status;
}
/****************************************************************
diff --git a/source3/libgpo/gpext/scripts.c b/source3/libgpo/gpext/scripts.c
index e2841c01cbe..da6f5cc2640 100644
--- a/source3/libgpo/gpext/scripts.c
+++ b/source3/libgpo/gpext/scripts.c
@@ -357,6 +357,10 @@ static NTSTATUS scripts_process_group_policy(TALLOC_CTX *mem_ctx,
GP_SCRIPTS_INI_LOGOFF
};
const struct GROUP_POLICY_OBJECT *gpo;
+ char *gpo_cache_path = cache_path(GPO_CACHE_DIR);
+ if (gpo_cache_path == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
/* implementation of the policy callback function, see
* http://msdn.microsoft.com/en-us/library/aa373494%28v=vs.85%29.aspx
@@ -374,13 +378,17 @@ static NTSTATUS scripts_process_group_policy(TALLOC_CTX *mem_ctx,
gpext_debug_header(0, "scripts_process_group_policy", flags,
gpo, GP_EXT_GUID_SCRIPTS, NULL);
- status = gpo_get_unix_path(mem_ctx, cache_path(GPO_CACHE_DIR),
+ status = gpo_get_unix_path(mem_ctx, gpo_cache_path,
gpo, &unix_path);
- NT_STATUS_NOT_OK_RETURN(status);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto err_cache_path_free;
+ }
status = gp_inifile_init_context(mem_ctx, flags, unix_path,
GP_SCRIPTS_INI, &ini_ctx);
- NT_STATUS_NOT_OK_RETURN(status);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto err_cache_path_free;
+ }
for (i = 0; i < ARRAY_SIZE(list); i++) {
@@ -394,7 +402,8 @@ static NTSTATUS scripts_process_group_policy(TALLOC_CTX *mem_ctx,
}
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ TALLOC_FREE(ini_ctx);
+ goto err_cache_path_free;
}
dump_reg_entries(flags, "READ", entries, num_entries);
@@ -403,15 +412,16 @@ static NTSTATUS scripts_process_group_policy(TALLOC_CTX *mem_ctx,
flags, list[i], gpo, entries, num_entries);
if (!W_ERROR_IS_OK(werr)) {
continue; /* FIXME: finally fix storing emtpy strings and REG_QWORD! */
- TALLOC_FREE(ini_ctx);
- return werror_to_ntstatus(werr);
}
}
TALLOC_FREE(ini_ctx);
}
+ status = NT_STATUS_OK;
- return NT_STATUS_OK;
+err_cache_path_free:
+ talloc_free(gpo_cache_path);
+ return status;
}
/****************************************************************
diff --git a/source3/libgpo/gpext/security.c b/source3/libgpo/gpext/security.c
index 5360222ad28..2f461847b92 100644
--- a/source3/libgpo/gpext/security.c
+++ b/source3/libgpo/gpext/security.c
@@ -152,6 +152,10 @@ static NTSTATUS security_process_group_policy(TALLOC_CTX *mem_ctx,
char *unix_path = NULL;
struct gp_inifile_context *ini_ctx = NULL;
const struct GROUP_POLICY_OBJECT *gpo;
+ char *gpo_cache_path = cache_path(GPO_CACHE_DIR);
+ if (gpo_cache_path == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
/* implementation of the policy callback function, see
* http://msdn.microsoft.com/en-us/library/aa373494%28v=vs.85%29.aspx
@@ -172,7 +176,7 @@ static NTSTATUS security_process_group_policy(TALLOC_CTX *mem_ctx,
/* this handler processes the gpttmpl files and merge output to the
* registry */
- status = gpo_get_unix_path(mem_ctx, cache_path(GPO_CACHE_DIR),
+ status = gpo_get_unix_path(mem_ctx, gpo_cache_path,
gpo, &unix_path);
if (!NT_STATUS_IS_OK(status)) {
goto out;
@@ -198,6 +202,7 @@ static NTSTATUS security_process_group_policy(TALLOC_CTX *mem_ctx,
nt_errstr(status)));
}
TALLOC_FREE(ini_ctx);
+ talloc_free(gpo_cache_path);
return status;
}