From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Date: Thu, 16 Nov 2023 23:01:15 +0000 (+1300)
Subject: libcli/security: avoid leak on SDDL encode failure
X-Git-Tag: talloc-2.4.2~498
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e338625ebf1d595e10bfb55a8e35b5b48d8f2c28;p=thirdparty%2Fsamba.git

libcli/security: avoid leak on SDDL encode failure

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/libcli/security/sddl.c b/libcli/security/sddl.c
index 1f2ac644f67..3b92404634c 100644
--- a/libcli/security/sddl.c
+++ b/libcli/security/sddl.c
@@ -1289,7 +1289,10 @@ char *sddl_encode(TALLOC_CTX *mem_ctx, const struct security_descriptor *sd,
 	sddl = talloc_strdup(mem_ctx, "");
 	if (sddl == NULL) goto failed;
 
-	tmp_ctx = talloc_new(mem_ctx);
+	tmp_ctx = talloc_new(sddl);
+	if (tmp_ctx == NULL) {
+		goto failed;
+	}
 
 	if (sd->owner_sid != NULL) {
 		char *sid = sddl_transition_encode_sid(tmp_ctx, sd->owner_sid, &state);