From: Andreas Schneider <asn@samba.org>
Date: Fri, 25 Oct 2024 13:12:26 +0000 (+0200)
Subject: s3:utils: Fix memory leaks in test_lm_ntlm_broken()
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ca74cc64adfd6f8e1b49003a27265f3c9531a08c;p=thirdparty%2Fsamba.git

s3:utils: Fix memory leaks in test_lm_ntlm_broken()

Direct leak of 104 byte(s) in 1 object(s) allocated from:
    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783
    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825
    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982
    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784
    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58
    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40
    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375
    #8 0x55b8512fe1a1 in test_lm_ntlm_broken ../../source3/utils/ntlm_auth_diagnostics.c:63
    #9 0x55b8512fec4e in test_lm_ntlm ../../source3/utils/ntlm_auth_diagnostics.c:477
    #10 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #11 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #12 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nDirect leak of 104 byte(s) in 1 object(s) allocated from:\n    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69\n    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783\n    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825\n    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982\n    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784\n    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58\n    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40\n    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375\n    #8 0x55b8513000c1 in test_lmv2_ntlmv2_broken ../../source3/utils/ntlm_auth_diagnostics.c:379\n    #9 0x55b851300926 in test_lmv2_ntlmv2 ../../source3/utils/ntlm_auth_diagnostics.c:454\n    #10 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #11 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #12 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nDirect leak of 104 byte(s) in 1 object(s) allocated from:\n    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69\n    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783\n    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825\n    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982\n    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784\n    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58\n    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40\n    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375\n    #8 0x55b8512ff72c in test_ntlm_in_lm ../../source3/utils/ntlm_auth_diagnostics.c:202\n    #9 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #10 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #11 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nDirect leak of 104 byte(s) in 1 object(s) allocated from:\n    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69\n    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783\n    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825\n    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982\n    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784\n    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58\n    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40\n    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375\n    #8 0x55b8512fee10 in test_ntlm_in_both ../../source3/utils/ntlm_auth_diagnostics.c:291\n    #9 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #10 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #11 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nDirect leak of 104 byte(s) in 1 object(s) allocated from:\n    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69\n    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783\n    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825\n    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982\n    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784\n    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58\n    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40\n    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375\n    #8 0x55b8513000c1 in test_lmv2_ntlmv2_broken ../../source3/utils/ntlm_auth_diagnostics.c:379\n    #9 0x55b851300936 in test_ntlmv2 ../../source3/utils/ntlm_auth_diagnostics.c:472\n    #10 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #11 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #12 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nDirect leak of 104 byte(s) in 1 object(s) allocated from:\n    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69\n    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783\n    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825\n    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982\n    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784\n    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58\n    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40\n    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375\n    #8 0x55b8512fe1a1 in test_lm_ntlm_broken ../../source3/utils/ntlm_auth_diagnostics.c:63\n    #9 0x55b8512fec3a in test_ntlm ../../source3/utils/ntlm_auth_diagnostics.c:185\n    #10 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #11 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #12 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nDirect leak of 104 byte(s) in 1 object(s) allocated from:\n    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69\n    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783\n    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825\n    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982\n    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784\n    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58\n    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40\n    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375\n    #8 0x55b8513000c1 in test_lmv2_ntlmv2_broken ../../source3/utils/ntlm_auth_diagnostics.c:379\n    #9 0x55b851300916 in test_lmv2 ../../source3/utils/ntlm_auth_diagnostics.c:463\n    #10 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #11 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #12 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nDirect leak of 104 byte(s) in 1 object(s) allocated from:\n    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69\n    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783\n    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825\n    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982\n    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784\n    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58\n    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40\n    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375\n    #8 0x55b8513000c1 in test_lmv2_ntlmv2_broken ../../source3/utils/ntlm_auth_diagnostics.c:379\n    #9 0x55b851300906 in test_ntlmv2_lmv2_broken ../../source3/utils/ntlm_auth_diagnostics.c:492\n    #10 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #11 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #12 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nDirect leak of 104 byte(s) in 1 object(s) allocated from:\n    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69\n    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783\n    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825\n    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982\n    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784\n    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58\n    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40\n    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375\n    #8 0x55b8513000c1 in test_lmv2_ntlmv2_broken ../../source3/utils/ntlm_auth_diagnostics.c:379\n    #9 0x55b8513008f6 in test_ntlmv2_ntlmv2_broken ../../source3/utils/ntlm_auth_diagnostics.c:497\n    #10 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #11 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #12 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nDirect leak of 104 byte(s) in 1 object(s) allocated from:\n    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69\n    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783\n    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825\n    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982\n    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784\n    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58\n    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40\n    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375\n    #8 0x55b8512fe1a1 in test_lm_ntlm_broken ../../source3/utils/ntlm_auth_diagnostics.c:63\n    #9 0x55b8512fec26 in test_ntlm_lm_broken ../../source3/utils/ntlm_auth_diagnostics.c:482\n    #10 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #11 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #12 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nDirect leak of 104 byte(s) in 1 object(s) allocated from:\n    #0 0x7f72126fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69\n    #1 0x7f72122e8c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783\n    #2 0x7f72122eaacf in __talloc ../../lib/talloc/talloc.c:825\n    #3 0x7f72122eaacf in _talloc_named_const ../../lib/talloc/talloc.c:982\n    #4 0x7f72122eaacf in _talloc_array ../../lib/talloc/talloc.c:2784\n    #5 0x7f72118f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58\n    #6 0x7f72118f6b1b in data_blob_named ../../lib/util/data_blob.c:40\n    #7 0x55b8512f889c in get_challenge ../../source3/utils/ntlm_auth.c:375\n    #8 0x55b8512fe1a1 in test_lm_ntlm_broken ../../source3/utils/ntlm_auth_diagnostics.c:63\n    #9 0x55b8512fec62 in test_lm ../../source3/utils/ntlm_auth_diagnostics.c:176\n    #10 0x55b8513009b6 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:716\n    #11 0x55b8512fcefd in main ../../source3/utils/ntlm_auth.c:2855\n    #12 0x7f720ee2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\n-----------------------------------------------------\nSuppressions used:\n  count      bytes template\n      1        125 libpopt.so\n-----------------------------------------------------\n\nSUMMARY: AddressSanitizer: 1144 byte(s) leaked in 11 allocation(s).\n''; message: expected return code 0; got 1

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
---

diff --git a/source3/utils/ntlm_auth_diagnostics.c b/source3/utils/ntlm_auth_diagnostics.c
index fa6b73b7e2c..126eddeaa32 100644
--- a/source3/utils/ntlm_auth_diagnostics.c
+++ b/source3/utils/ntlm_auth_diagnostics.c
@@ -61,7 +61,7 @@ static bool test_lm_ntlm_broken(enum ntlm_break break_which,
 	uchar lm_hash[16];
 	uchar nt_hash[16];
 	DATA_BLOB chall = get_challenge();
-	char *error_string;
+	char *error_string = NULL;
 
 	ZERO_STRUCT(lm_key);
 	ZERO_STRUCT(user_session_key);
@@ -104,18 +104,13 @@ static bool test_lm_ntlm_broken(enum ntlm_break break_which,
 					      user_session_key,
 					      &authoritative,
 					      &error_string, NULL);
-
-	data_blob_free(&lm_response);
-	data_blob_free(&nt_response);
-
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		d_printf("%s (0x%x)\n",
 			 error_string,
 			 NT_STATUS_V(nt_status));
-		SAFE_FREE(error_string);
-		data_blob_free(&session_key);
 
-		return break_which == BREAK_NT;
+		pass = (break_which == BREAK_NT);
+		goto done;
 	}
 
 	/* If we are told the DC is Samba4, expect an LM key of zeros */
@@ -161,7 +156,12 @@ static bool test_lm_ntlm_broken(enum ntlm_break break_which,
 			pass = False;
 		}
 	}
+
+done:
+	data_blob_free(&lm_response);
+	data_blob_free(&nt_response);
 	data_blob_free(&session_key);
+	SAFE_FREE(error_string);
 
         return pass;
 }