Blob Blame History Raw
From b80da5a181c50c3aae682166f8f39b2cf3fdec80 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Fri, 25 Oct 2019 15:34:04 +0200
Subject: [PATCH 2/3] End VGAuth impersonation in the case of error.

RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20191025153405.10241-3-cavery@redhat.com>
Patchwork-id: 91966
O-Subject: [RHEL7.8 open-vm-tools PATCH v2 2/3] End VGAuth impersonation in the case of error.
Bugzilla: 1760625
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>

commit 7b874f37f970aab2adddb063a8363594f47abf70
Author: Oliver Kurth <okurth@vmware.com>
Date:   Tue Sep 4 15:40:58 2018 -0700

    End VGAuth impersonation in the case of error.

    * In GuestAuthPasswordAuthenticateImpersonate():
    When VGAuth_UserHandleAccessToken fails, unimpersonation is not
    being done. This can cause issues. Fixed it.

    * In GuestAuthSAMLAuthenticateAndImpersonate(), fixed the following issues:
    The 'newHandle' is not being freed which causes a memory leak.
    When VGAuth_UserHandleAccessToken fails, unimpersonation is not
    being done.

Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
 services/plugins/vix/vixTools.c | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c
index 4436944..00b40b1 100644
--- a/services/plugins/vix/vixTools.c
+++ b/services/plugins/vix/vixTools.c
@@ -11550,6 +11550,7 @@ GuestAuthPasswordAuthenticateImpersonate(
    VGAuthError vgErr;
    VGAuthUserHandle *newHandle = NULL;
    VGAuthExtraParams extraParams[1];
+   Bool impersonated = FALSE;
 
    extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE;
    extraParams[0].value = VGAUTH_PARAM_VALUE_TRUE;
@@ -11585,6 +11586,8 @@ GuestAuthPasswordAuthenticateImpersonate(
       goto done;
    }
 
+   impersonated = TRUE;
+
 #ifdef _WIN32
    // this is making a copy of the token, be sure to close it
    vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken);
@@ -11604,6 +11607,10 @@ done:
    Util_ZeroFreeString(password);
 
    if (VIX_OK != err) {
+      if (impersonated) {
+         vgErr = VGAuth_EndImpersonation(ctx);
+         ASSERT(vgErr == VGAUTH_E_OK);
+      }
       VGAuth_UserHandleFree(newHandle);
       newHandle = NULL;
    }
@@ -11638,12 +11645,13 @@ GuestAuthSAMLAuthenticateAndImpersonate(
 {
 #if SUPPORT_VGAUTH
    VixError err;
-   char *token;
-   char *username;
+   char *token = NULL;
+   char *username = NULL;
    VGAuthContext *ctx = NULL;
    VGAuthError vgErr;
    VGAuthUserHandle *newHandle = NULL;
    VGAuthExtraParams extraParams[1];
+   Bool impersonated = FALSE;
 
    extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE;
    extraParams[0].value = VGAUTH_PARAM_VALUE_TRUE;
@@ -11735,6 +11743,8 @@ impersonate:
       goto done;
    }
 
+   impersonated = TRUE;
+
 #ifdef _WIN32
    // this is making a copy of the token, be sure to close it
    vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken);
@@ -11750,6 +11760,17 @@ impersonate:
    err = VIX_OK;
 
 done:
+   Util_ZeroFreeString(token);
+   Util_ZeroFreeString(username);
+
+   if (VIX_OK != err) {
+      if (impersonated) {
+         vgErr = VGAuth_EndImpersonation(ctx);
+         ASSERT(vgErr == VGAUTH_E_OK);
+      }
+      VGAuth_UserHandleFree(newHandle);
+      newHandle = NULL;
+   }
 
    return err;
 #else
-- 
1.8.3.1