[SCM] Samba Shared Repository - branch master updated

Mon, 25 Jan 2016 14:59:55 -0800 

The branch, master has been updated
       via  500bc01 s3-parm: clean up defaults when removing global parameters
      from  62c68bd s3-client: Add a KRB5 wrapper for smbspool

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 500bc01478881cab89f0e691427e34a405bb0003
Author: Alexander Bokovoy <a...@samba.org>
Date:   Fri Jan 22 11:44:03 2016 +0200

    s3-parm: clean up defaults when removing global parameters
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=11693
    
    When globals are re-initialized, they are cleared and globals' talloc
    context is freed. However, parm_table still contains a reference to the
    global value in the defaults. This confuses lpcfg_string_free() after
    commit 795c543d858b2452f062a02846c2f908fe4cffe4 because it tries to
    free already freed pointer which is passed by lp_save_defaults():
    
    ....
        case P_STRING:
        case P_USTRING:
                      lpcfg_string_set(Globals.ctx,
                                       &parm_table[i].def.svalue,
                                       *(char **)lp_parm_ptr(NULL, 
&parm_table[i]));
    ....
    
    here &parm_table[i].def.svalue is passed to lpcfg_string_free() but it
    is a pointer to a value allocated with previous Globals.ctx which
    already was freed.
    
    This specifically affects registry backend of smb.conf in lp_load_ex()
    where init_globals() called explicitly to re-init globals after
    lp_save_defaults() if we have registry backend defined.
    
    Reviewed-by: Uri Simchoni <u...@samba.org>
    Signed-off-by: Alexander Bokovoy <a...@samba.org>
    
    Autobuild-User(master): Uri Simchoni <u...@samba.org>
    Autobuild-Date(master): Mon Jan 25 23:58:42 CET 2016 on sn-devel-144

-----------------------------------------------------------------------

Summary of changes:
 source3/param/loadparm.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)


Changeset truncated at 500 lines:

diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 9f4a2b4..f8ecab7 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -399,8 +399,25 @@ static void free_parameters_by_snum(int snum)
  */
 static void free_global_parameters(void)
 {
+       uint32_t i;
+       struct parm_struct *parm;
+
        free_param_opts(&Globals.param_opt);
        free_parameters_by_snum(GLOBAL_SECTION_SNUM);
+
+       /* Reset references in the defaults because the context is going to be 
freed */
+       for (i=0; parm_table[i].label; i++) {
+               parm = &parm_table[i];
+               if ((parm->type == P_STRING) ||
+                   (parm->type == P_USTRING)) {
+                       if ((parm->def.svalue != NULL) &&
+                           (*(parm->def.svalue) != '\0')) {
+                               if (talloc_parent(parm->def.svalue) == 
Globals.ctx) {
+                                       parm->def.svalue = NULL;
+                               }
+                       }
+               }
+       }
        TALLOC_FREE(Globals.ctx);
 }
 


-- 
Samba Shared Repository

Reply via email to