From b80da5a181c50c3aae682166f8f39b2cf3fdec80 Mon Sep 17 00:00:00 2001

From: Cathy Avery <cavery@redhat.com>

Date: Fri, 25 Oct 2019 15:34:04 +0200

Subject: [PATCH 2/3] End VGAuth impersonation in the case of error.

RH-Author: Cathy Avery <cavery@redhat.com>

Message-id: <20191025153405.10241-3-cavery@redhat.com>

Patchwork-id: 91966

O-Subject: [RHEL7.8 open-vm-tools PATCH v2 2/3] End VGAuth impersonation in the case of error.

Bugzilla: 1760625

RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>

RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>

commit 7b874f37f970aab2adddb063a8363594f47abf70

Author: Oliver Kurth <okurth@vmware.com>

Date:   Tue Sep 4 15:40:58 2018 -0700

    End VGAuth impersonation in the case of error.

    * In GuestAuthPasswordAuthenticateImpersonate():

    When VGAuth_UserHandleAccessToken fails, unimpersonation is not

    being done. This can cause issues. Fixed it.

    * In GuestAuthSAMLAuthenticateAndImpersonate(), fixed the following issues:

    The 'newHandle' is not being freed which causes a memory leak.

    When VGAuth_UserHandleAccessToken fails, unimpersonation is not

    being done.

Signed-off-by: Cathy Avery <cavery@redhat.com>

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>

---

 services/plugins/vix/vixTools.c | 25 +++++++++++++++++++++++--

 1 file changed, 23 insertions(+), 2 deletions(-)

diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c

index 4436944..00b40b1 100644

--- a/services/plugins/vix/vixTools.c

+++ b/services/plugins/vix/vixTools.c

@@ -11550,6 +11550,7 @@ GuestAuthPasswordAuthenticateImpersonate(

    VGAuthError vgErr;

    VGAuthUserHandle *newHandle = NULL;

    VGAuthExtraParams extraParams[1];

+   Bool impersonated = FALSE;

    extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE;

    extraParams[0].value = VGAUTH_PARAM_VALUE_TRUE;

@@ -11585,6 +11586,8 @@ GuestAuthPasswordAuthenticateImpersonate(

       goto done;

    }

+   impersonated = TRUE;

+

 #ifdef _WIN32

    // this is making a copy of the token, be sure to close it

    vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken);

@@ -11604,6 +11607,10 @@ done:

    Util_ZeroFreeString(password);

    if (VIX_OK != err) {

+      if (impersonated) {

+         vgErr = VGAuth_EndImpersonation(ctx);

+         ASSERT(vgErr == VGAUTH_E_OK);

+      }

       VGAuth_UserHandleFree(newHandle);

       newHandle = NULL;

    }

@@ -11638,12 +11645,13 @@ GuestAuthSAMLAuthenticateAndImpersonate(

 {

 #if SUPPORT_VGAUTH

    VixError err;

-   char *token;

-   char *username;

+   char *token = NULL;

+   char *username = NULL;

    VGAuthContext *ctx = NULL;

    VGAuthError vgErr;

    VGAuthUserHandle *newHandle = NULL;

    VGAuthExtraParams extraParams[1];

+   Bool impersonated = FALSE;

    extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE;

    extraParams[0].value = VGAUTH_PARAM_VALUE_TRUE;

@@ -11735,6 +11743,8 @@ impersonate:

       goto done;

    }

+   impersonated = TRUE;

+

 #ifdef _WIN32

    // this is making a copy of the token, be sure to close it

    vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken);

@@ -11750,6 +11760,17 @@ impersonate:

    err = VIX_OK;

 done:

+   Util_ZeroFreeString(token);

+   Util_ZeroFreeString(username);

+

+   if (VIX_OK != err) {

+      if (impersonated) {

+         vgErr = VGAuth_EndImpersonation(ctx);

+         ASSERT(vgErr == VGAUTH_E_OK);

+      }

+      VGAuth_UserHandleFree(newHandle);

+      newHandle = NULL;

+   }

    return err;

 #else

-- 

1.8.3.1