# HG changeset patch
# User Todd C. Miller <Todd.Miller@sudo.ws>
# Date 1511893724 25200
# Node ID 14dacdea331942a38d443a75d1b08f67eafaa5eb
# Parent  b456101fe5091540e9f6429db7568fa32b6d4da8
Avoid a double free when ipa_hostname is set in sssd.conf and it
is an unqualified host name.  From Daniel Kopecek.

Also move the "unable to allocate memory" warning into get_ipa_hostname()
itself to make it easier to see where the allocation failed in the
debug log.

diff -r b456101fe509 -r 14dacdea3319 plugins/sudoers/sssd.c
--- a/plugins/sudoers/sssd.c	Tue Nov 28 09:48:43 2017 -0700
+++ b/plugins/sudoers/sssd.c	Tue Nov 28 11:28:44 2017 -0700
@@ -349,6 +349,8 @@
 		    *lhostp = lhost;
 		    ret = true;
 		} else {
+		    sudo_warnx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
 		    free(shost);
 		    free(lhost);
 		    ret = -1;
@@ -456,7 +458,6 @@
      */
     if (strcmp(user_runhost, user_host) == 0) {
 	if (get_ipa_hostname(&handle->ipa_shost, &handle->ipa_host) == -1) {
-	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
 	    free(handle);
 	    debug_return_int(ENOMEM);
 	}
@@ -478,7 +479,8 @@
 	handle = nss->handle;
 	sudo_dso_unload(handle->ssslib);
 	free(handle->ipa_host);
-	free(handle->ipa_shost);
+	if (handle->ipa_host != handle->ipa_shost)
+	    free(handle->ipa_shost);
 	free(handle);
 	nss->handle = NULL;
     }