From b25e63710eb247a03cc2da99f44eace6cda2c50d Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Mon, 14 Oct 2024 13:29:21 +0200
Subject: [PATCH] libcli: avoid work in security token debug no-op

When the debug level is too low to print, we don't need to allocate
the strings.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15737

Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
---
 libcli/security/security_token.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/libcli/security/security_token.c b/libcli/security/security_token.c
index 0218eed1722..a79f5925ea2 100644
--- a/libcli/security/security_token.c
+++ b/libcli/security/security_token.c
@@ -80,17 +80,22 @@ struct security_token *security_token_duplicate(TALLOC_CTX *mem_ctx, const struc
 ****************************************************************************/
 void security_token_debug(int dbg_class, int dbg_lev, const struct security_token *token)
 {
-	TALLOC_CTX *frame = talloc_stackframe();
+	TALLOC_CTX *frame = NULL;
 	char *sids = NULL;
 	char *privs = NULL;
 	uint32_t i;
 
+	if (!CHECK_DEBUGLVLC(dbg_class, dbg_lev)) {
+		return;
+	}
+
 	if (!token) {
 		DEBUGC(dbg_class, dbg_lev, ("Security token: (NULL)\n"));
-		TALLOC_FREE(frame);
 		return;
 	}
 
+	frame = talloc_stackframe();
+
 	sids = talloc_asprintf(frame,
 			       "Security token SIDs (%" PRIu32 "):\n",
 			       token->num_sids);
-- 
2.47.2