r4334: Fix for bugid #2186 - from Buck Huppmann <buckh@pobox.com>

to prevent uninitialized creds being freed.
Jeremy.
(This used to be commit c3f9c81a8fcb26f7110f75b3096d5d1eb30aac13)

diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c
index c6b6570f5c436314d7f6962dd14af6261669fe82..6ebada94d7135a714e7f5174f97f15852e120746 100644 (file)
--- a/source3/lib/util_str.c
+++ b/source3/lib/util_str.c
@@ -1527,6 +1527,9 @@ int fstr_sprintf(fstring s, const char *fmt, ...)
 /**
  Some platforms don't have strndup.
 **/
+#if defined(PARANOID_MALLOC_CHECKER)
+#undef strndup
+#endif
 
  char *strndup(const char *s, size_t n)
 {
@@ -1541,6 +1544,11 @@ int fstr_sprintf(fstring s, const char *fmt, ...)
 
        return ret;
 }
+
+#if defined(PARANOID_MALLOC_CHECKER)
+#define strndup(s,n) __ERROR_DONT_USE_STRNDUP_DIRECTLY
+#endif
+
 #endif
 
 #if !defined(HAVE_STRNLEN) || defined(BROKEN_STRNLEN)

diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index a38f3c35b1a06ea95bcd74909604666bb8d90d50..b08e28e0ba4ff046e662fa72bee59ea79616b054 100644 (file)
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -320,6 +320,8 @@ static krb5_error_code get_service_ticket(krb5_context ctx,
        krb5_auth_context auth_context = NULL;
        krb5_error_code err = 0;
 
+       ZERO_STRUCT(creds);
+
        asprintf(&machine_account, "%s$@%s", global_myname(), lp_realm());
        if (machine_account == NULL) {
                goto out;
@@ -340,7 +342,6 @@ static krb5_error_code get_service_ticket(krb5_context ctx,
           ticket to ourselves. */
 
        /* Set up the enctype and client and server principal fields for krb5_get_credentials. */
-       memset(&creds, '\0', sizeof(creds));
        kerberos_set_creds_enctype(&creds, enctype);
 
        if ((err = krb5_cc_get_principal(ctx, ccache, &creds.client))) {