git.samba.org
/
kai
/
samba-autobuild
/
.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
e865788
)
auth/ntlmssp: Avoid use-after-free of user_info after logon failure at log level 5
author
Andrew Bartlett
<abartlet@samba.org>
Fri, 15 Mar 2013 02:00:55 +0000
(13:00 +1100)
committer
Jeremy Allison
<jra@samba.org>
Wed, 27 Mar 2013 16:28:50 +0000
(09:28 -0700)
Reviewed-by: Jeremy Allison <jra@samba.org>
auth/ntlmssp/ntlmssp_server.c
patch
|
blob
|
history
diff --git
a/auth/ntlmssp/ntlmssp_server.c
b/auth/ntlmssp/ntlmssp_server.c
index d9bea1cde4b97734ff8e2bc7e2e0b93789b49ee9..442bd5db494caf639f1a3c04081d934eed395320 100644
(file)
--- a/
auth/ntlmssp/ntlmssp_server.c
+++ b/
auth/ntlmssp/ntlmssp_server.c
@@
-449,11
+449,11
@@
static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_sec
&gensec_ntlmssp->server_returned_info,
user_session_key, lm_session_key);
}
- talloc_free(user_info);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(5, (__location__ ": Checking NTLMSSP password for %s\\%s failed: %s\n", user_info->client.domain_name, user_info->client.account_name, nt_errstr(nt_status)));
}
+ TALLOC_FREE(user_info);
NT_STATUS_NOT_OK_RETURN(nt_status);