s4:auth: Allocate user_info_dc->sids on correct talloc context

‘user_info_dc->sids’ must live for at least as long as ‘user_info_dc’,
or a use-after-free may result.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 6d25afa61310b30bb6e21b9745ec1a4cfcf20451..3b34525b7e161d311fac2c625d3707d9ead46fcb 100644 (file)
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -787,7 +787,7 @@ NTSTATUS authsam_shallow_copy_user_info_dc(TALLOC_CTX *mem_ctx,
                 * tries to call talloc_realloc() on the original or the copy
                 * will fail when called for any referenced talloc context.
                 */
-               user_info_dc->sids = talloc_memdup(mem_ctx,
+               user_info_dc->sids = talloc_memdup(user_info_dc,
                                                   user_info_dc->sids,
                                                   talloc_get_size(user_info_dc->sids));
                if (user_info_dc->sids == NULL) {