diff options
| author | Alexander Bokovoy <ab@samba.org> | 2016-01-22 11:44:03 +0200 |
|---|---|---|
| committer | Uri Simchoni <uri@samba.org> | 2016-01-25 23:58:41 +0100 |
| commit | 500bc01478881cab89f0e691427e34a405bb0003 (patch) | |
| tree | e578481676d90badc88eed258e33c9878a3982ab /source3/param/loadparm.c | |
| parent | 62c68bd8c8f7a7e057e38a461707f1c195e62df0 (diff) | |
| download | samba-500bc01478881cab89f0e691427e34a405bb0003.tar.gz | |
s3-parm: clean up defaults when removing global parameters
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11693
When globals are re-initialized, they are cleared and globals' talloc
context is freed. However, parm_table still contains a reference to the
global value in the defaults. This confuses lpcfg_string_free() after
commit 795c543d858b2452f062a02846c2f908fe4cffe4 because it tries to
free already freed pointer which is passed by lp_save_defaults():
....
case P_STRING:
case P_USTRING:
lpcfg_string_set(Globals.ctx,
&parm_table[i].def.svalue,
*(char **)lp_parm_ptr(NULL, &parm_table[i]));
....
here &parm_table[i].def.svalue is passed to lpcfg_string_free() but it
is a pointer to a value allocated with previous Globals.ctx which
already was freed.
This specifically affects registry backend of smb.conf in lp_load_ex()
where init_globals() called explicitly to re-init globals after
lp_save_defaults() if we have registry backend defined.
Reviewed-by: Uri Simchoni <uri@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Jan 25 23:58:42 CET 2016 on sn-devel-144
Diffstat (limited to 'source3/param/loadparm.c')
| -rw-r--r-- | source3/param/loadparm.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 9f4a2b40640..f8ecab716b4 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -399,8 +399,25 @@ static void free_parameters_by_snum(int snum) */ static void free_global_parameters(void) { + uint32_t i; + struct parm_struct *parm; + free_param_opts(&Globals.param_opt); free_parameters_by_snum(GLOBAL_SECTION_SNUM); + + /* Reset references in the defaults because the context is going to be freed */ + for (i=0; parm_table[i].label; i++) { + parm = &parm_table[i]; + if ((parm->type == P_STRING) || + (parm->type == P_USTRING)) { + if ((parm->def.svalue != NULL) && + (*(parm->def.svalue) != '\0')) { + if (talloc_parent(parm->def.svalue) == Globals.ctx) { + parm->def.svalue = NULL; + } + } + } + } TALLOC_FREE(Globals.ctx); } |