s4:samr Don't leak the whole user onto the long-term handle

The user entry is only required for this function, so use
mem_ctx to hold it.

Andrew Bartlett

diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 6c5f5b845f8bcf6a3c7861d61f08297736cbc8e8..5b9aa91ded980f12883e829144d8e59c5170eca7 100644 (file)
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -1296,7 +1296,7 @@ static NTSTATUS dcesrv_samr_CreateUser2(struct dcesrv_call_state *dce_call, TALL
        }
 
        /* add core elements to the ldb_message for the user */
-       msg->dn = ldb_dn_copy(mem_ctx, d_state->domain_dn);
+       msg->dn = ldb_dn_copy(msg, d_state->domain_dn);
        if ( ! ldb_dn_add_child_fmt(msg->dn, "CN=%s,%s", cn_name, container)) {
                ldb_transaction_cancel(d_state->sam_ctx);
                return NT_STATUS_FOOBAR;
@@ -1344,7 +1344,7 @@ static NTSTATUS dcesrv_samr_CreateUser2(struct dcesrv_call_state *dce_call, TALL
        a_state->account_dn = talloc_steal(a_state, msg->dn);
 
        /* retrieve the sid and account control bits for the user just created */
-       ret = gendb_search_dn(d_state->sam_ctx, a_state,
+       ret = gendb_search_dn(d_state->sam_ctx, mem_ctx,
                              msg->dn, &msgs, attrs);
 
        if (ret != 1) {