From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 8 Feb 2022 15:50:14 +0000 (+0100)
Subject: s4:kdc: make the logic between ZERO_STRUCTP(entry_ex) and sdb_free_entry(entry_ex... 
X-Git-Tag: tevent-0.12.0~325
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=788ccb8cb99f56128331d98ec08c521547b98232;p=thirdparty%2Fsamba.git

s4:kdc: make the logic between ZERO_STRUCTP(entry_ex) and sdb_free_entry(entry_ex) clearer

samba_kdc_[trust_]message2entry() always starts with
ZERO_STRUCTP(entry_ex) and cleans up on error with
sdb_free_entry(entry_ex), leaving a cleared structure again.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14054

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index 616c39c9c30..3c9540eb348 100644
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -507,10 +507,6 @@ static krb5_error_code samba_kdc_message2entry_keys(krb5_context context,
 		}
 	}
 
-	entry_ex->entry.keys.val = NULL;
-	entry_ex->entry.keys.len = 0;
-	entry_ex->entry.kvno = 0;
-
 	if ((ent_type == SAMBA_KDC_ENT_TYPE_CLIENT)
 	    && (userAccountControl & UF_SMARTCARD_REQUIRED)) {
 		ret = samba_kdc_set_random_keys(context,
@@ -919,6 +915,8 @@ static krb5_error_code samba_kdc_message2entry(krb5_context context,
 	struct ldb_val computer_val = data_blob_string_const("computer");
 	const char *samAccountName = ldb_msg_find_attr_as_string(msg, "samAccountName", NULL);
 
+	ZERO_STRUCTP(entry_ex);
+
 	if (ldb_msg_find_element(msg, "msDS-SecondaryKrbTgtNumber")) {
 		is_rodc = true;
 	}
@@ -935,8 +933,6 @@ static krb5_error_code samba_kdc_message2entry(krb5_context context,
 		is_computer = TRUE;
 	}
 
-	ZERO_STRUCTP(entry_ex);
-
 	p = talloc_zero(mem_ctx, struct samba_kdc_entry);
 	if (!p) {
 		ret = ENOMEM;
@@ -1339,7 +1335,6 @@ out:
 	if (ret != 0) {
 		/* This doesn't free ent itself, that is for the eventual caller to do */
 		sdb_free_entry(entry_ex);
-		ZERO_STRUCTP(entry_ex);
 	} else {
 		talloc_steal(kdc_db_ctx, p);
 	}
@@ -1389,6 +1384,8 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context,
 	struct lsa_TrustDomainInfoInfoEx *tdo = NULL;
 	NTSTATUS status;
 
+	ZERO_STRUCTP(entry_ex);
+
 	if (dsdb_functional_level(kdc_db_ctx->samdb) >= DS_DOMAIN_FUNCTION_2008) {
 		supported_enctypes = ldb_msg_find_attr_as_uint(msg,
 					"msDS-SupportedEncryptionTypes",
@@ -1478,9 +1475,6 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context,
 
 	talloc_set_destructor(p, samba_kdc_entry_destructor);
 
-	/* make sure we do not have bogus data in there */
-	memset(&entry_ex->entry, 0, sizeof(struct sdb_entry));
-
 	entry_ex->entry.skdc_entry = p;
 
 	/* use 'whenCreated' */