s4 lib socket: Ensure address string owned by parent struct
authorGary Lockyer <gary@catalyst.net.nz>
Tue, 7 May 2019 04:30:22 +0000 (16:30 +1200)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 8 May 2019 20:03:42 +0000 (20:03 +0000)
The local address string was not owned by it's parent structure, which
caused a use after free error in
continue_ip_open_socket source4/librpc/rpc/dcerpc_sock.c:267

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13929

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May  8 20:03:42 UTC 2019 on sn-devel-184

source4/lib/socket/socket_ip.c

index fd109a3..2aba491 100644 (file)
@@ -999,7 +999,7 @@ static struct socket_address *ipv6_tcp_get_my_addr(struct socket_context *sock,
                return NULL;
        }
        
-       local->addr = talloc_strdup(mem_ctx, addrstring);
+       local->addr = talloc_strdup(local, addrstring);
        if (!local->addr) {
                talloc_free(local);
                return NULL;