From: Jeremy Allison <jra@samba.org>
Date: Wed, 16 Sep 2020 19:48:21 +0000 (-0700)
Subject: CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix mem leak onto p->mem_ctx in... 
X-Git-Tag: talloc-2.3.2~465
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9ec8b59bdea19c99099a718ff9e04cd854563e11;p=thirdparty%2Fsamba.git

CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix mem leak onto p->mem_ctx in error path of _netr_ServerPasswordSet2().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
---

diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
index 548efb44ad2..2b68a2db15a 100644
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
@@ -1386,6 +1386,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
 						      516);
 	}
 	if (!NT_STATUS_IS_OK(status)) {
+		TALLOC_FREE(creds);
 		return status;
 	}