uid_t *uid, gid_t *gid,
SAM_ACCOUNT **sam_account)
{
+ NTSTATUS nt_status;
fstring dom_user, lower_username;
fstring real_username;
struct passwd *passwd;
DEBUG(5,("fill_sam_account: located username was [%s]\n",
*found_username));
- return pdb_init_sam_pw(sam_account, passwd);
+ nt_status = pdb_init_sam_pw(sam_account, passwd);
+ passwd_free(&passwd);
+ return nt_status;
}
/****************************************************************************
if ( p ) {
fstring strip_username;
- pw = Get_Pwnam( domuser );
+ pw = Get_Pwnam_alloc( domuser );
if ( pw ) {
/* make sure we get the case of the username correct */
/* work around 'winbind use default domain = yes' */
/* just lookup a plain username */
- pw = Get_Pwnam(username);
+ pw = Get_Pwnam_alloc(username);
/* Create local user if requested. */
return NULL;
smb_create_user(NULL, username, NULL);
- pw = Get_Pwnam(username);
+ pw = Get_Pwnam_alloc(username);
}
/* one last check for a valid passwd struct */
done:
DEBUG(5,("Get_Pwnam_internals %s find user [%s]!\n",ret ? "did":"didn't", user));
- /* This call used to just return the 'passwd' static buffer.
- This could then have accidental reuse implications, so
- we now malloc a copy, and free it in the next use.
-
- This should cause the (ab)user to segfault if it
- uses an old struct.
-
- This is better than useing the wrong data in security
- critical operations.
-
- The real fix is to make the callers free the returned
- malloc'ed data.
- */
-
- if (Get_Pwnam_ret) {
- passwd_free(&Get_Pwnam_ret);
- }
-
- Get_Pwnam_ret = ret;
-
return ret;
}
/****************************************************************************
Get_Pwnam wrapper without modification.
NOTE: This with NOT modify 'user'!
+ This will return an allocated structure
****************************************************************************/
-struct passwd *Get_Pwnam(const char *user)
+struct passwd *Get_Pwnam_alloc(const char *user)
{
fstring user2;
struct passwd *ret;
return ret;
}
+/****************************************************************************
+ Get_Pwnam wrapper without modification.
+ NOTE: This with NOT modify 'user'!
+****************************************************************************/
+
+struct passwd *Get_Pwnam(const char *user)
+{
+ struct passwd *ret;
+
+ ret = Get_Pwnam_alloc(user);
+
+ /* This call used to just return the 'passwd' static buffer.
+ This could then have accidental reuse implications, so
+ we now malloc a copy, and free it in the next use.
+
+ This should cause the (ab)user to segfault if it
+ uses an old struct.
+
+ This is better than useing the wrong data in security
+ critical operations.
+
+ The real fix is to make the callers free the returned
+ malloc'ed data.
+ */
+
+ if (Get_Pwnam_ret) {
+ passwd_free(&Get_Pwnam_ret);
+ }
+
+ Get_Pwnam_ret = ret;
+
+ return ret;
+}
+
/****************************************************************************
Check if a user is in a netgroup user list. If at first we don't succeed,
try lower case.
git.samba.org / ira / wip.git / commitdiff