[Fedora-directory-commits] ldapserver/ldap/synctools/passwordsync/passhook passhook.cpp, 1.7, 1.7.2.1

Nathan Kinder (nkinder) fedora-directory-commits at redhat.com
Wed Mar 22 18:53:39 UTC 2006 

Author: nkinder

Update of /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passhook
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30812/passhook

Modified Files:
      Tag: Directory71RtmBranch
	passhook.cpp 
Log Message:
186171 - Fixed memory leaks in passhook.dll


Index: passhook.cpp
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passhook/passhook.cpp,v
retrieving revision 1.7
retrieving revision 1.7.2.1
diff -u -r1.7 -r1.7.2.1
--- passhook.cpp	19 Apr 2005 22:07:43 -0000	1.7
+++ passhook.cpp	22 Mar 2006 18:53:32 -0000	1.7.2.1
@@ -50,8 +50,6 @@
 
 NTSTATUS NTAPI PasswordChangeNotify(PUNICODE_STRING UserName, ULONG RelativeId, PUNICODE_STRING Password)
 {
-	char singleByteUsername[PASSHAND_BUF_SIZE];
-	char singleBytePassword[PASSHAND_BUF_SIZE];
 	HANDLE passhookEventHandle = OpenEvent(EVENT_MODIFY_STATE, FALSE, PASSHAND_EVENT_NAME);
 	PASS_INFO newPassInfo;
 	PASS_INFO_LIST passInfoList;
@@ -78,18 +76,34 @@
 	}
 	RegCloseKey(regKey);
 
-	_snprintf(singleByteUsername, PASSHAND_BUF_SIZE, "%S", UserName->Buffer);
-	singleByteUsername[UserName->Length / 2] = '\0';
-	_snprintf(singleBytePassword, PASSHAND_BUF_SIZE, "%S", Password->Buffer);
-	singleBytePassword[Password->Length / 2] = '\0';
+	// This memory will be free'd by calling clearSet below
+	newPassInfo.username = (char*)malloc((UserName->Length / 2) + 1);
+	newPassInfo.password = (char*)malloc((Password->Length / 2) + 1);
+
+	if (newPassInfo.username && newPassInfo.password) {
+		_snprintf(newPassInfo.username, (UserName->Length / 2), "%S", UserName->Buffer);
+		_snprintf(newPassInfo.password, (Password->Length / 2), "%S", Password->Buffer);
+		newPassInfo.username[UserName->Length / 2] = '\0';
+		newPassInfo.password[Password->Length / 2] = '\0';
+	} else {
+		if(outLog.is_open()) {
+			timeStamp(&outLog);
+			outLog << "failed to allocate memory for username and password" << endl;
+		}
+		free(newPassInfo.username);
+		free(newPassInfo.password);
+		goto exit;
+	}
 
 	if(outLog.is_open())
 	{
 		timeStamp(&outLog);
-		outLog << "user " << singleByteUsername << " password changed" << endl;
-		//outLog << "user " << singleByteUsername << " password changed to " << singleBytePassword << endl;
+		outLog << "user " << newPassInfo.username << " password changed" << endl;
+		//outLog << "user " << newPassInfo.username << " password changed to " << newPassInfo.password << endl;
 	}
 
+	// loadSet allocates memory for the usernames and password.  We need to be
+	// sure to free it by calling clearSet.
 	if(loadSet(&passInfoList, "passhook.dat") == 0)
 	{
 		if(outLog.is_open())
@@ -107,10 +121,10 @@
 		}
 	}
 
-	newPassInfo.username = singleByteUsername;
-	newPassInfo.password = singleBytePassword;
+	// Add the new change to the list
 	passInfoList.push_back(newPassInfo);
 
+	// Save the list to disk
 	if(saveSet(&passInfoList, "passhook.dat") == 0)
 	{
 		if(outLog.is_open())
@@ -128,6 +142,10 @@
 		}
 	}
 
+	// We need to call clearSet so memory gets free'd
+	clearSet(&passInfoList);
+
+exit:
 	if(passhookEventHandle == NULL)
 	{
 		if(outLog.is_open())
@@ -140,6 +158,7 @@
 	else
 	{
 		SetEvent(passhookEventHandle);
+		CloseHandle(passhookEventHandle);
 	}
 
 	outLog.close();

More information about the Fedora-directory-commits mailing list