URL: https://github.com/SSSD/sssd/pull/392 Title: #392: GPO: Don't use freed LDAPURLDesc if domain for AD DC cannot be found
jhrozek commented: """
yes, it's only about debug message. See:
```
    state->ref_domain = find_domain_by_name(state->host_domain,
                                            lud->lud_host, true);
    ---> here we use the valid lud for the last time before freeing it on the next line
    ldap_free_urldesc(lud);
    if (!state->ref_domain) {
        DEBUG(SSSDBG_CRIT_FAILURE,
              "Could not find domain matching [%s]\n",
              lud->lud_host);
        ---> use after free, after that we abort
        ret = EIO;
        goto done;
    }

    state->conn = ad_get_dom_ldap_conn(state->access_ctx->ad_id_ctx,
                                       state->ref_domain);
    if (!state->conn) {
        DEBUG(SSSDBG_OP_FAILURE,
              "No connection for %s\n", state->ref_domain->name);
        ret = EINVAL;
        goto done;
    }

    /* Get the hostname we're going to connect to.
     * We'll need this later for performing the samba
     * connection.
     */
    ret = ldap_url_parse(state->conn->service->uri, &lud);
    ---> here we assign a new value to lud
```
"""
See the full comment at https://github.com/SSSD/sssd/pull/392#issuecomment-332302996
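
An added example, not part of the comment and not SSSD's code: one way to avoid the use-after-free described above is to release the URL descriptor at a single exit point, after the debug message has read the host. `struct url_desc`, `url_parse`, `url_free`, `find_domain` and `resolve_ref_domain` are hypothetical stand-ins for `LDAPURLDesc`, `ldap_url_parse`, `ldap_free_urldesc` and `find_domain_by_name`, so the block builds without libldap; the domain names are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for LDAPURLDesc: only the field the snippet reads. */
struct url_desc { char host[64]; };

static int frees;          /* number of descriptors released */
static char last_log[128]; /* last debug message, kept for inspection */

static struct url_desc *url_parse(const char *host)
{
    struct url_desc *lud = malloc(sizeof(*lud));
    if (lud == NULL) return NULL;
    snprintf(lud->host, sizeof(lud->host), "%s", host);
    return lud;
}

static void url_free(struct url_desc *lud)
{
    free(lud);
    frees++;
}

/* Stand-in for find_domain_by_name(): knows one constructed domain. */
static const char *find_domain(const char *name)
{
    return strcmp(name, "ad.example.test") == 0 ? "ad.example.test" : NULL;
}

/* Returns 0 when a domain matches the host, -1 otherwise. */
int resolve_ref_domain(const char *host)
{
    int ret = 0;
    struct url_desc *lud = url_parse(host);
    if (lud == NULL) return -1;

    const char *dom = find_domain(lud->host);
    if (dom == NULL) {
        /* lud is still allocated, so lud->host is safe to read */
        snprintf(last_log, sizeof(last_log),
                 "Could not find domain matching [%s]", lud->host);
        ret = -1;
        goto done;
    }
    snprintf(last_log, sizeof(last_log), "Using domain %s", dom);
done:
    url_free(lud); /* single release point, after the last read */
    return ret;
}
```
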