r9752: figured out why talloc_steal() is a bad idea for SEC_DESC*

Add a comment so someone else doesn't get bitten by this as well.
(This used to be commit 050364ef34b1e69260bd9df9e2140c45263e92f5)

diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index ee35b5853fe4e2cbf8b85cc74df9d9dd1a381695..33eeec91de6d4334c63ea9bb290554c5584c4aeb 100644 (file)
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -4171,7 +4171,11 @@ static BOOL construct_printer_info_2(Printer_entry *print_hnd, PRINTER_INFO_2 *p
        if ( ntprinter->info_2->secdesc_buf 
                && ntprinter->info_2->secdesc_buf->len != 0 ) 
        {
-               printer->secdesc = dup_sec_desc( get_talloc_ctx(), ntprinter->info_2->secdesc_buf->sec );
+               /* don't use talloc_steal() here unless you do a deep steal of all 
+                  the SEC_DESC members */
+
+               printer->secdesc = dup_sec_desc( get_talloc_ctx(), 
+                       ntprinter->info_2->secdesc_buf->sec );
        }
 
        free_a_printer(&ntprinter, 2);
@@ -4205,7 +4209,11 @@ static BOOL construct_printer_info_3(Printer_entry *print_hnd, PRINTER_INFO_3 **
        printer->flags = 0x4; 
 
        if (ntprinter->info_2->secdesc_buf && ntprinter->info_2->secdesc_buf->len != 0) {
-               printer->secdesc = dup_sec_desc( get_talloc_ctx(), ntprinter->info_2->secdesc_buf->sec );
+               /* don't use talloc_steal() here unless you do a deep steal of all 
+                  the SEC_DESC members */
+
+               printer->secdesc = dup_sec_desc( get_talloc_ctx(), 
+                       ntprinter->info_2->secdesc_buf->sec );
        }
 
        free_a_printer(&ntprinter, 2);