From: Swen Schillig <swen@linux.ibm.com>
Date: Mon, 30 Mar 2020 10:34:12 +0000 (+0200)
Subject: ctdbd_conn: possible memleak in ctdbd_db_attach
X-Git-Tag: ldb-2.2.0~1129
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2bdb5a75788936e75c31235f4855e7096b9af68c;p=thirdparty%2Fsamba.git

ctdbd_conn: possible memleak in ctdbd_db_attach

A cstatus != 0 or a data.dsize != sizeof(uint32_t)
does not guarantee to have no received data referenced by data.dptr.
Therefore, make sure data.dptr is free'd.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
---

diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c
index 33c811a06b7..e968ec5e491 100644
--- a/source3/lib/ctdbd_conn.c
+++ b/source3/lib/ctdbd_conn.c
@@ -847,7 +847,7 @@ int ctdbd_db_attach(struct ctdbd_connection *conn,
 		    const char *name, uint32_t *db_id, bool persistent)
 {
 	int ret;
-	TDB_DATA data;
+	TDB_DATA data = {0};
 	int32_t cstatus;
 
 	data = string_term_tdb_data(name);
@@ -865,6 +865,7 @@ int ctdbd_db_attach(struct ctdbd_connection *conn,
 
 	if (cstatus != 0 || data.dsize != sizeof(uint32_t)) {
 		DEBUG(0,(__location__ " ctdb_control for db_attach failed\n"));
+		TALLOC_FREE(data.dptr);
 		return EIO;
 	}