From 9fad27b40eff82bcdffa61cafcc54e2d7750faee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= Date: Fri, 1 Nov 2013 12:27:59 +0100 Subject: [PATCH 19/31] free idmapped SIDs correctly Resolves: https://fedorahosted.org/sssd/ticket/2133 --- src/providers/ad/ad_id.c | 3 +-- src/providers/ad/ad_subdomains.c | 2 ++ src/providers/ldap/ldap_id.c | 4 ++-- src/providers/ldap/sdap_async_initgroups_ad.c | 2 ++ src/responder/pac/pacsrv_cmd.c | 2 ++ src/responder/pac/pacsrv_utils.c | 4 ++-- src/tests/cmocka/test_sss_idmap.c | 2 ++ src/tests/sss_idmap-tests.c | 14 +++++++------- 8 files changed, 20 insertions(+), 13 deletions(-) diff --git a/src/providers/ad/ad_id.c b/src/providers/ad/ad_id.c index dadb50da92cac87d3162bddb44395dad7d2abbc4..19bc65825be21c6419db1e92db642be0a14b97a8 100644 --- a/src/providers/ad/ad_id.c +++ b/src/providers/ad/ad_id.c @@ -307,8 +307,7 @@ static errno_t ad_account_can_shortcut(struct be_ctx *be_ctx, done: if (sid != NULL) { - /* FIXME: use library function when #2133 is fixed */ - talloc_free(sid); + sss_idmap_free_sid(idmap_ctx->map, sid); } if (ret == EOK) { diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c index 28c5eafb395b70e8f3630a43b67c61810683fe7c..dd692fb699ddf14bcf8f9926383e82da77c494e0 100644 --- a/src/providers/ad/ad_subdomains.c +++ b/src/providers/ad/ad_subdomains.c @@ -302,7 +302,9 @@ ad_subdom_store(struct ad_subdomains_ctx *ctx, ret = EOK; done: + sss_idmap_free_sid(ctx->sdap_id_ctx->opts->idmap_ctx->map, sid_str); talloc_free(tmp_ctx); + return ret; } diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c index fad1585331b7f0240770d2dc5a2e89788d2ad4da..793bc99ebcec883be7db3fc9dd56fa511d8ba3bb 100644 --- a/src/providers/ldap/ldap_id.c +++ b/src/providers/ldap/ldap_id.c @@ -139,7 +139,7 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx, attr_name = ctx->opts->user_map[SDAP_AT_USER_OBJECTSID].name; ret = sss_filter_sanitize(state, sid, &clean_name); - talloc_zfree(sid); + sss_idmap_free_sid(ctx->opts->idmap_ctx->map, sid); if (ret != EOK) { goto fail; } @@ -509,7 +509,7 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx, attr_name = ctx->opts->group_map[SDAP_AT_GROUP_OBJECTSID].name; ret = sss_filter_sanitize(state, sid, &clean_name); - talloc_zfree(sid); + sss_idmap_free_sid(ctx->opts->idmap_ctx->map, sid); if (ret != EOK) { goto fail; } diff --git a/src/providers/ldap/sdap_async_initgroups_ad.c b/src/providers/ldap/sdap_async_initgroups_ad.c index a0841a799bdbb1ad4de856d1715c88588b3b4da9..aa72c8876ba93eefc6230537801c50ab04e591ce 100644 --- a/src/providers/ldap/sdap_async_initgroups_ad.c +++ b/src/providers/ldap/sdap_async_initgroups_ad.c @@ -594,6 +594,8 @@ sdap_get_ad_tokengroups_initgroups_lookup_done(struct tevent_req *subreq) in_transaction = false; done: + sss_idmap_free_sid(state->opts->idmap_ctx->map, sid_str); + if (in_transaction) { sret = sysdb_transaction_cancel(state->sysdb); DEBUG(SSSDBG_FATAL_FAILURE, diff --git a/src/responder/pac/pacsrv_cmd.c b/src/responder/pac/pacsrv_cmd.c index f6e8abaf580a43417f3ea09929feccf19e5b0f29..144f5f5847e7ead490d59bae0e2fe49722eb9b69 100644 --- a/src/responder/pac/pacsrv_cmd.c +++ b/src/responder/pac/pacsrv_cmd.c @@ -161,6 +161,8 @@ static errno_t pac_add_pac_user(struct cli_ctx *cctx) goto done; } + talloc_steal(pr_ctx, pr_ctx->user_dom_sid_str); + ret = responder_get_domain_by_id(cctx->rctx, pr_ctx->user_dom_sid_str, &pr_ctx->dom); if (ret == EAGAIN || ret == ENOENT) { diff --git a/src/responder/pac/pacsrv_utils.c b/src/responder/pac/pacsrv_utils.c index 05b53edee2ada79abf8bd04a6032314b68541d8e..30055a1345b7d943e6adf822438263c92e53b51a 100644 --- a/src/responder/pac/pacsrv_utils.c +++ b/src/responder/pac/pacsrv_utils.c @@ -264,14 +264,14 @@ errno_t get_sids_from_pac(TALLOC_CTX *mem_ctx, goto done; } - talloc_zfree(sid_str); + sss_idmap_free_sid(pac_ctx->idmap_ctx, sid_str); } ret = EOK; done: talloc_free(sid_str); - talloc_free(user_dom_sid_str); + sss_idmap_free_sid(pac_ctx->idmap_ctx, user_dom_sid_str); if (ret == EOK) { *_sid_table = sid_table; diff --git a/src/tests/cmocka/test_sss_idmap.c b/src/tests/cmocka/test_sss_idmap.c index 53ed35a97863f8f52b82bec64d6dfb192891b0fe..019b4618ef0e14e87cb86d64989e8f5ca9dfdfd8 100644 --- a/src/tests/cmocka/test_sss_idmap.c +++ b/src/tests/cmocka/test_sss_idmap.c @@ -251,6 +251,7 @@ void test_map_id(void **state) err = sss_idmap_unix_to_sid(test_ctx->idmap_ctx, id, &sid); assert_int_equal(err, IDMAP_SUCCESS); assert_string_equal(sid, TEST_DOM_SID"-0"); + sss_idmap_free_sid(test_ctx->idmap_ctx, sid); err = sss_idmap_sid_to_unix(test_ctx->idmap_ctx, TEST_DOM_SID"-"TEST_OFFSET_STR, &id); @@ -260,6 +261,7 @@ void test_map_id(void **state) err = sss_idmap_unix_to_sid(test_ctx->idmap_ctx, id, &sid); assert_int_equal(err, IDMAP_SUCCESS); assert_string_equal(sid, TEST_DOM_SID"-"TEST_OFFSET_STR); + sss_idmap_free_sid(test_ctx->idmap_ctx, sid); } void test_map_id_external(void **state) diff --git a/src/tests/sss_idmap-tests.c b/src/tests/sss_idmap-tests.c index 65e61351ddcf52deffe9c8abf38497cd9183c448..b2de0e70f794414587080587af1fd4a06d5ae854 100644 --- a/src/tests/sss_idmap-tests.c +++ b/src/tests/sss_idmap-tests.c @@ -280,7 +280,7 @@ START_TEST(idmap_test_uid2sid) "sss_idmap_unix_to_sid returned wrong SID, " "expected [%s], got [%s].", "S-1-5-21-1-2-3-1000", sid); - talloc_free(sid); + sss_idmap_free_sid(idmap_ctx, sid); } END_TEST @@ -304,7 +304,7 @@ START_TEST(idmap_test_uid2dom_sid) "sss_idmap_unix_to_dom_sid returned wrong SID, " "expected [%s], got [%s].", "S-1-5-21-1-2-3-1000", sid); - talloc_free(sid); + sss_idmap_free_sid(idmap_ctx, sid); talloc_free(dom_sid); } END_TEST @@ -330,7 +330,7 @@ START_TEST(idmap_test_uid2bin_sid) "sss_idmap_unix_to_bin_sid returned wrong SID, " "expected [%s], got [%s].", "S-1-5-21-1-2-3-1000", sid); - talloc_free(sid); + sss_idmap_free_sid(idmap_ctx, sid); talloc_free(bin_sid); } END_TEST @@ -385,7 +385,7 @@ START_TEST(idmap_test_sid2dom_sid) "SID strings do not match."); talloc_free(dom_sid); - talloc_free(new_sid); + sss_idmap_free_sid(idmap_ctx, new_sid); } END_TEST @@ -418,7 +418,7 @@ START_TEST(idmap_test_large_and_too_large_sid) "did not return IDMAP_SID_INVALID"); talloc_free(dom_sid); - talloc_free(new_sid); + sss_idmap_free_sid(idmap_ctx, new_sid); } END_TEST @@ -454,7 +454,7 @@ START_TEST(idmap_test_bin_sid2sid) "expected [%s], get [%s]", test_sid, sid); - talloc_free(sid); + sss_idmap_free_sid(idmap_ctx, sid); } END_TEST @@ -528,7 +528,7 @@ START_TEST(idmap_test_smb_sid2sid) "expected [%s], get [%s]", test_sid, sid); - talloc_free(sid); + sss_idmap_free_sid(idmap_ctx, sid); } END_TEST -- 1.8.4.2