From a2b0dcbb525b7aa3a6f79ca8f8cca4ef7fc2f8f7 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 16 Jul 2019 15:45:51 +0200
Subject: [PATCH 060/187] s3:rpcclient: Use a stackframe for temporary memory
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 9158a6ba8693070f3b2b71dd15089488869ab6cd)
---
source3/rpcclient/cmd_samr.c | 56 +++++++++++++++++++++++++-----------
1 file changed, 39 insertions(+), 17 deletions(-)
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index b1b7c06515c..0cd8b50058e 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -3043,6 +3043,7 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
DATA_BLOB session_key;
uint8_t password_expired = 0;
struct dcerpc_binding_handle *b = cli->binding_handle;
+ TALLOC_CTX *frame = NULL;
if (argc < 4) {
printf("Usage: %s username level password [password_expired]\n",
@@ -3050,6 +3051,8 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
return NT_STATUS_INVALID_PARAMETER;
}
+ frame = talloc_stackframe();
+
user = argv[1];
level = atoi(argv[2]);
param = argv[3];
@@ -3058,18 +3061,18 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
password_expired = atoi(argv[4]);
}
- status = cli_get_session_key(mem_ctx, cli, &session_key);
+ status = cli_get_session_key(frame, cli, &session_key);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ goto done;
}
status = init_samr_CryptPassword(param, &session_key, &pwd_buf);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ goto done;
}
status = init_samr_CryptPasswordEx(param, &session_key, &pwd_buf_ex);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ goto done;
}
nt_lm_owf_gen(param, nt_hash, lm_hash);
@@ -3078,14 +3081,22 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
{
DATA_BLOB in,out;
in = data_blob_const(nt_hash, 16);
- out = data_blob_talloc_zero(mem_ctx, 16);
+ out = data_blob_talloc_zero(frame, 16);
+ if (out.data == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
sess_crypt_blob(&out, &in, &session_key, true);
memcpy(nt_hash, out.data, out.length);
}
{
DATA_BLOB in,out;
in = data_blob_const(lm_hash, 16);
- out = data_blob_talloc_zero(mem_ctx, 16);
+ out = data_blob_talloc_zero(frame, 15);
+ if (out.data == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
sess_crypt_blob(&out, &in, &session_key, true);
memcpy(lm_hash, out.data, out.length);
}
@@ -3118,18 +3129,26 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
{
DATA_BLOB in,out;
in = data_blob_const(nt_hash, 16);
- out = data_blob_talloc_zero(mem_ctx, 16);
+ out = data_blob_talloc_zero(frame, 16);
+ if (out.data == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
sess_crypt_blob(&out, &in, &session_key, true);
info.info21.nt_owf_password.array =
- (uint16_t *)talloc_memdup(mem_ctx, out.data, 16);
+ (uint16_t *)talloc_memdup(frame, out.data, 16);
}
{
DATA_BLOB in,out;
in = data_blob_const(lm_hash, 16);
- out = data_blob_talloc_zero(mem_ctx, 16);
+ out = data_blob_talloc_zero(frame, 16);
sess_crypt_blob(&out, &in, &session_key, true);
info.info21.lm_owf_password.array =
- (uint16_t *)talloc_memdup(mem_ctx, out.data, 16);
+ (uint16_t *)talloc_memdup(frame, out.data, 16);
+ if (out.data == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
}
break;
@@ -3175,7 +3194,7 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
/* Get sam policy handle */
- status = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, frame,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
if (!NT_STATUS_IS_OK(status)) {
@@ -3184,7 +3203,7 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
/* Get domain policy handle */
- status = dcerpc_samr_OpenDomain(b, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, frame,
&connect_pol,
access_mask,
&domain_sid,
@@ -3200,7 +3219,7 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
user_rid = strtol(user, NULL, 0);
if (user_rid) {
- status = dcerpc_samr_OpenUser(b, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, frame,
&domain_pol,
access_mask,
user_rid,
@@ -3222,7 +3241,7 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
init_lsa_String(&lsa_acct_name, user);
- status = dcerpc_samr_LookupNames(b, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, frame,
&domain_pol,
1,
&lsa_acct_name,
@@ -3242,7 +3261,7 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
return NT_STATUS_INVALID_NETWORK_RESPONSE;
}
- status = dcerpc_samr_OpenUser(b, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, frame,
&domain_pol,
access_mask,
rids.ids[0],
@@ -3258,14 +3277,14 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
switch (opcode) {
case NDR_SAMR_SETUSERINFO:
- status = dcerpc_samr_SetUserInfo(b, mem_ctx,
+ status = dcerpc_samr_SetUserInfo(b, frame,
&user_pol,
level,
&info,
&result);
break;
case NDR_SAMR_SETUSERINFO2:
- status = dcerpc_samr_SetUserInfo2(b, mem_ctx,
+ status = dcerpc_samr_SetUserInfo2(b, frame,
&user_pol,
level,
&info,
@@ -3283,7 +3302,10 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
DEBUG(0,("result: %s\n", nt_errstr(status)));
goto done;
}
+
+ status = NT_STATUS_OK;
done:
+ TALLOC_FREE(frame);
return status;
}
--
2.23.0