Fix bug 7045 - Bad (non memory copying) interfaces in smbc_setXXXX calls.

In smbc_free_context libsmbclient just called free() on the string options
so it assumes the callers have malloced them before setting them via smbc_set
calls.

Change to correctly malloc/free string options to the library.
Protect against SMB_STRDUP of null.

Contains 2d41b1ab78639abe4ae030ff482573f464564dd7 and
f85b6ee90b88c7f7b2a92c8a5f3e2ebe59c1087b from master.

Jeremy
(cherry picked from commit edc44312f76e14e94c56e70cf7bb49139f9f081e)

diff --git a/source/libsmb/libsmb_context.c b/source/libsmb/libsmb_context.c
index 8e0aa1e3c993db40815b37616eed34463a77c90c..fb14c267f016c7b0e79e35b3c600b6b8124fdbbc 100644 (file)
--- a/source/libsmb/libsmb_context.c
+++ b/source/libsmb/libsmb_context.c
@@ -192,13 +192,8 @@ smbc_free_context(SMBCCTX *context,
         }
         
         /* Things we have to clean up */
-        free(smbc_getWorkgroup(context));
         smbc_setWorkgroup(context, NULL);
-
-        free(smbc_getNetbiosName(context));
         smbc_setNetbiosName(context, NULL);
-
-        free(smbc_getUser(context));
         smbc_setUser(context, NULL);
         
         DEBUG(3, ("Context %p successfully freed\n", context));
@@ -423,7 +418,6 @@ SMBCCTX *
 smbc_init_context(SMBCCTX *context)
 {
         int pid;
-        char *user = NULL;
         char *home = NULL;
         
         if (!context) {
@@ -532,7 +526,7 @@ smbc_init_context(SMBCCTX *context)
                 /*
                  * FIXME: Is this the best way to get the user info?
                  */
-                user = getenv("USER");
+               char *user = getenv("USER");
                 /* walk around as "guest" if no username can be found */
                 if (!user) {
                         user = SMB_STRDUP("guest");
@@ -546,6 +540,12 @@ smbc_init_context(SMBCCTX *context)
                 }
 
                 smbc_setUser(context, user);
+               SAFE_FREE(user);
+
+               if (!smbc_getUser(context)) {
+                        errno = ENOMEM;
+                        return NULL;
+                }
         }
         
         if (!smbc_getNetbiosName(context)) {
@@ -578,6 +578,12 @@ smbc_init_context(SMBCCTX *context)
                 }
                 
                 smbc_setNetbiosName(context, netbios_name);
+               SAFE_FREE(netbios_name);
+
+                if (!smbc_getNetbiosName(context)) {
+                        errno = ENOMEM;
+                        return NULL;
+                }
         }
         
         DEBUG(1, ("Using netbios name %s.\n", smbc_getNetbiosName(context)));
@@ -599,6 +605,12 @@ smbc_init_context(SMBCCTX *context)
                 }
 
                 smbc_setWorkgroup(context, workgroup);
+               SAFE_FREE(workgroup);
+
+               if (!smbc_getWorkgroup(context)) {
+                       errno = ENOMEM;
+                       return NULL;
+               }
         }
         
         DEBUG(1, ("Using workgroup %s.\n", smbc_getWorkgroup(context)));

diff --git a/source/libsmb/libsmb_setget.c b/source/libsmb/libsmb_setget.c
index 3493e4f8dd2f726c631703cf4122323828d2e8c3..7113c62cf4b2e6e095ab224682dc30212d6b8606 100644 (file)
--- a/source/libsmb/libsmb_setget.c
+++ b/source/libsmb/libsmb_setget.c
@@ -39,7 +39,10 @@ smbc_getNetbiosName(SMBCCTX *c)
 void
 smbc_setNetbiosName(SMBCCTX *c, char * netbios_name)
 {
-        c->netbios_name = netbios_name;
+       SAFE_FREE(c->netbios_name);
+       if (netbios_name) {
+               c->netbios_name = SMB_STRDUP(netbios_name);
+       }
 }
 
 /** Get the workgroup used for making connections */
@@ -53,7 +56,10 @@ smbc_getWorkgroup(SMBCCTX *c)
 void
 smbc_setWorkgroup(SMBCCTX *c, char * workgroup)
 {
-        c->workgroup = workgroup;
+       SAFE_FREE(c->workgroup);
+       if (workgroup) {
+               c->workgroup = SMB_STRDUP(workgroup);
+       }
 }
 
 /** Get the username used for making connections */
@@ -67,7 +73,10 @@ smbc_getUser(SMBCCTX *c)
 void
 smbc_setUser(SMBCCTX *c, char * user)
 {
-        c->user = user;
+       SAFE_FREE(c->user);
+       if (user) {
+               c->user = SMB_STRDUP(user);
+       }
 }
 
 /** Get the debug level */