Bug 9807 - wbinfo: fix segfault in wbinfo_pam_logon

[mat/samba.git] / nsswitch / wbinfo.c

diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c
index 70a7b1547a4a8ff87fbe989f5483f9d7ce9428f8..8b178598edc66d0e708e080dbfcc0bbaff4f8f14 100644 (file)
--- a/nsswitch/wbinfo.c
+++ b/nsswitch/wbinfo.c
@@ -121,7 +121,8 @@ static bool parse_wbinfo_domain_user(const char *domuser, fstring domain,
 
        if (!p) {
                /* Maybe it was a UPN? */
-               if ((p = strchr(domuser, '@')) != NULL) {
+               p = strchr(domuser, '@');
+               if (p != NULL) {
                        fstrcpy(domain, "");
                        fstrcpy(user, domuser);
                        return true;
@@ -242,6 +243,8 @@ static bool wbinfo_get_user_sidinfo(const char *sid_str)
                 pwd->pw_dir,
                 pwd->pw_shell);
 
+       wbcFreeMemory(pwd);
+
        return true;
 }
 
@@ -519,7 +522,7 @@ static bool wbinfo_list_domains(bool list_all_domains, bool verbose)
        }
 
        if (print_all) {
-               d_printf("%-16s%-24s%-12s%-12s%-5s%-5s\n",
+               d_printf("%-16s%-65s%-12s%-12s%-5s%-5s\n",
                         "Domain Name", "DNS Domain", "Trust Type",
                         "Transitive", "In", "Out");
        }
@@ -533,7 +536,7 @@ static bool wbinfo_list_domains(bool list_all_domains, bool verbose)
                        continue;
                }
 
-               d_printf("%-24s", domain_list[i].dns_name);
+               d_printf("%-65s", domain_list[i].dns_name);
 
                switch(domain_list[i].trust_type) {
                case WBC_DOMINFO_TRUSTTYPE_NONE:
@@ -1226,6 +1229,9 @@ static bool wbinfo_lookupsid(const char *sid_str)
        d_printf("%s%c%s %d\n",
                 domain, winbind_separator(), name, type);
 
+       wbcFreeMemory(domain);
+       wbcFreeMemory(name);
+
        return true;
 }
 
@@ -1260,6 +1266,9 @@ static bool wbinfo_lookupsid_fullname(const char *sid_str)
        d_printf("%s%c%s %d\n",
                 domain, winbind_separator(), name, type);
 
+       wbcFreeMemory(domain);
+       wbcFreeMemory(name);
+
        return true;
 }
 
@@ -1435,7 +1444,8 @@ static char *wbinfo_prompt_pass(TALLOC_CTX *mem_ctx,
                                const char *username)
 {
        char *prompt;
-       const char *ret = NULL;
+       char buf[1024] = {0};
+       int rc;
 
        prompt = talloc_asprintf(mem_ctx, "Enter %s's ", username);
        if (!prompt) {
@@ -1452,10 +1462,13 @@ static char *wbinfo_prompt_pass(TALLOC_CTX *mem_ctx,
                return NULL;
        }
 
-       ret = getpass(prompt);
+       rc = samba_getpass(prompt, buf, sizeof(buf), false, false);
        TALLOC_FREE(prompt);
+       if (rc < 0) {
+               return NULL;
+       }
 
-       return talloc_strdup(mem_ctx, ret);
+       return talloc_strdup(mem_ctx, buf);
 }
 
 /* Authenticate a user with a plaintext password */
@@ -1736,7 +1749,7 @@ static bool wbinfo_pam_logon(char *username)
 {
        wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
        struct wbcLogonUserParams params;
-       struct wbcAuthErrorInfo *error;
+       struct wbcAuthErrorInfo *error = NULL;
        char *s = NULL;
        char *p = NULL;
        TALLOC_CTX *frame = talloc_tos();
@@ -1787,16 +1800,15 @@ static bool wbinfo_pam_logon(char *username)
        d_printf("plaintext password authentication %s\n",
                 WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed");
 
-       if (!WBC_ERROR_IS_OK(wbc_status)) {
+       if (!WBC_ERROR_IS_OK(wbc_status) && (error != NULL)) {
                d_fprintf(stderr,
                          "error code was %s (0x%x)\nerror message was: %s\n",
                          error->nt_string,
                          (int)error->nt_status,
                          error->display_string);
                wbcFreeMemory(error);
-               return false;
        }
-       return true;
+       return WBC_ERROR_IS_OK(wbc_status);
 }
 
 /* Save creds with winbind */
@@ -1860,7 +1872,10 @@ static bool wbinfo_klog(char *username)
                *p = '%';
        } else {
                fstrcpy(request.data.auth.user, username);
-               fstrcpy(request.data.auth.pass, getpass("Password: "));
+               (void) samba_getpass("Password: ",
+                                    request.data.auth.pass,
+                                    sizeof(request.data.auth.pass),
+                                    false, false);
        }
 
        request.flags |= WBFLAG_PAM_AFS_TOKEN;