From 0701e642f2d78ff572f7d7dcdf9b5c59750c6c30 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Tue, 4 Feb 2003 23:44:05 +0000
Subject: [PATCH] Mem alloc failure checks. Jeremy. (This used to be commit
 4e33e3f37fd548b9b1ed3c84f673a853b0dc4818)

---
 source3/libads/ads_struct.c | 18 +++++++++--------
 source3/libads/krb5_setpw.c | 25 ++++++++++++++++++++----
 source3/libads/ldap.c       | 39 ++++++++++++++++++++++++++-----------
 3 files changed, 59 insertions(+), 23 deletions(-)

diff --git a/source3/libads/ads_struct.c b/source3/libads/ads_struct.c
index c45805cd16f..652bfe31be8 100644
--- a/source3/libads/ads_struct.c
+++ b/source3/libads/ads_struct.c
@@ -33,32 +33,34 @@ char *ads_build_path(const char *realm, const char *sep, const char *field, int
 	
 	r = strdup(realm);
 
-	if (!r || !*r) return r;
+	if (!r || !*r)
+		return r;
 
-	for (p=r; *p; p++) {
-		if (strchr(sep, *p)) numbits++;
-	}
+	for (p=r; *p; p++)
+		if (strchr(sep, *p))
+			numbits++;
 
 	len = (numbits+1)*(strlen(field)+1) + strlen(r) + 1;
 
 	ret = malloc(len);
+	if (!ret)
+		return NULL;
+
 	strlcpy(ret,field, len);
 	p=strtok(r,sep); 
 	strlcat(ret, p, len);
 
 	while ((p=strtok(NULL,sep))) {
 		char *s;
-		if (reverse) {
+		if (reverse)
 			asprintf(&s, "%s%s,%s", field, p, ret);
-		} else {
+		else
 			asprintf(&s, "%s,%s%s", ret, field, p);
-		}
 		free(ret);
 		ret = s;
 	}
 
 	free(r);
-
 	return ret;
 }
 
diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c
index 73d370d75f2..087b0e9a715 100644
--- a/source3/libads/krb5_setpw.c
+++ b/source3/libads/krb5_setpw.c
@@ -139,13 +139,19 @@ static krb5_error_code build_setpw_request(krb5_context context,
 	}
 
 	packet->data = (char *)malloc(ap_req->length + cipherpw.length + 6);
+	if (!packet->data)
+		return -1;
 
 	/* see the RFC for details */
 	p = ((char *)packet->data) + 2;
-	RSSVAL(p, 0, 0xff80); p += 2;
-	RSSVAL(p, 0, ap_req->length); p += 2;
-	memcpy(p, ap_req->data, ap_req->length); p += ap_req->length;
-	memcpy(p, cipherpw.data, cipherpw.length); p += cipherpw.length;
+	RSSVAL(p, 0, 0xff80);
+	p += 2;
+	RSSVAL(p, 0, ap_req->length);
+	p += 2;
+	memcpy(p, ap_req->data, ap_req->length);
+	p += ap_req->length;
+	memcpy(p, cipherpw.data, cipherpw.length);
+	p += cipherpw.length;
 	packet->length = PTR_DIFF(p,packet->data);
 	RSSVAL(packet->data, 0, packet->length);
 	
@@ -397,6 +403,17 @@ ADS_STATUS krb5_set_password(const char *kdc_host, const char *princ, const char
 
 	chpw_rep.length = 1500;
 	chpw_rep.data = (char *) malloc(chpw_rep.length);
+	if (!chpw_rep.data) {
+	        close(sock);
+	        free(ap_req.data);
+	        krb5_free_creds(context, credsp);
+		krb5_free_principal(context, creds.client);
+		krb5_free_principal(context, principal);
+		krb5_free_context(context);
+		DEBUG(1,("send of chpw failed (%s)\n", strerror(errno)));
+		errno = ENOMEM;
+		return ADS_ERROR_SYSTEM(errno);
+	}
 
 	ret = read(sock, chpw_rep.data, chpw_rep.length);
 	if (ret < 0) {
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 603f17c9948..41e70fbcaea 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -1528,7 +1528,8 @@ char *ads_pull_string(ADS_STRUCT *ads,
 	int rc;
 
 	values = ldap_get_values(ads->ld, msg, field);
-	if (!values) return NULL;
+	if (!values)
+		return NULL;
 	
 	if (values[0]) {
 		rc = pull_utf8_talloc(mem_ctx, &ux_string, 
@@ -1557,15 +1558,22 @@ char **ads_pull_strings(ADS_STRUCT *ads,
 	int i, n;
 
 	values = ldap_get_values(ads->ld, msg, field);
-	if (!values) return NULL;
+	if (!values)
+		return NULL;
 
-	for (i=0;values[i];i++) /* noop */ ;
+	for (i=0;values[i];i++)
+		/* noop */ ;
 	n = i;
 
 	ret = talloc(mem_ctx, sizeof(char *) * (n+1));
+	if (!ret) {
+		ldap_value_free(values);
+		return NULL;
+	}
 
 	for (i=0;i<n;i++) {
 		if (pull_utf8_talloc(mem_ctx, &ret[i], values[i]) == -1) {
+			ldap_value_free(values);
 			return NULL;
 		}
 	}
@@ -1590,7 +1598,8 @@ BOOL ads_pull_uint32(ADS_STRUCT *ads,
 	char **values;
 
 	values = ldap_get_values(ads->ld, msg, field);
-	if (!values) return False;
+	if (!values)
+		return False;
 	if (!values[0]) {
 		ldap_value_free(values);
 		return False;
@@ -1614,7 +1623,8 @@ BOOL ads_pull_guid(ADS_STRUCT *ads,
 	char **values;
 
 	values = ldap_get_values(ads->ld, msg, "objectGUID");
-	if (!values) return False;
+	if (!values)
+		return False;
 	
 	if (values[0]) {
 		memcpy(guid, values[0], sizeof(GUID));
@@ -1643,11 +1653,11 @@ BOOL ads_pull_sid(ADS_STRUCT *ads,
 
 	values = ldap_get_values_len(ads->ld, msg, field);
 
-	if (!values) return False;
+	if (!values)
+		return False;
 
-	if (values[0]) {
+	if (values[0])
 		ret = sid_parse(values[0]->bv_val, values[0]->bv_len, sid);
-	}
 	
 	ldap_value_free_len(values);
 	return ret;
@@ -1671,16 +1681,23 @@ int ads_pull_sids(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
 
 	values = ldap_get_values_len(ads->ld, msg, field);
 
-	if (!values) return 0;
+	if (!values)
+		return 0;
 
-	for (i=0; values[i]; i++) /* nop */ ;
+	for (i=0; values[i]; i++)
+		/* nop */ ;
 
 	(*sids) = talloc(mem_ctx, sizeof(DOM_SID) * i);
+	if (!(*sids)) {
+		ldap_value_free_len(values);
+		return 0;
+	}
 
 	count = 0;
 	for (i=0; values[i]; i++) {
 		ret = sid_parse(values[i]->bv_val, values[i]->bv_len, &(*sids)[count]);
-		if (ret) count++;
+		if (ret)
+			count++;
 	}
 	
 	ldap_value_free_len(values);
-- 
2.34.1