From 4f44e211fbb2de3628b7f5ce6cc48075756791a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= Date: Fri, 19 Oct 2012 11:31:08 +0200 Subject: [PATCH 1/3] do not leak memory on failure in *_process_init() --- src/responder/autofs/autofssrv.c | 13 +++++++++---- src/responder/common/responder_common.c | 24 ++++++++++++++---------- src/responder/nss/nsssrv.c | 19 ++++++++++++------- src/responder/pac/pacsrv.c | 17 +++++++++++------ src/responder/pam/pamsrv.c | 2 +- src/responder/ssh/sshsrv.c | 12 ++++++++---- src/responder/sudo/sudosrv.c | 10 +++++++--- 7 files changed, 62 insertions(+), 35 deletions(-) diff --git a/src/responder/autofs/autofssrv.c b/src/responder/autofs/autofssrv.c index 93deffd94fc61119e886c84412518db039ea1aad..ef90207fec17bf0700af40ca678483d3157f74f9 100644 --- a/src/responder/autofs/autofssrv.c +++ b/src/responder/autofs/autofssrv.c @@ -144,7 +144,7 @@ autofs_process_init(TALLOC_CTX *mem_ctx, ret = autofs_get_config(autofs_ctx, cdb); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Cannot read autofs configuration\n")); - return ret; + goto fail; } autofs_cmds = get_autofs_cmds(); @@ -159,7 +159,7 @@ autofs_process_init(TALLOC_CTX *mem_ctx, &autofs_dp_interface, &autofs_ctx->rctx); if (ret != EOK) { - return ret; + goto fail; } autofs_ctx->rctx->pvt_ctx = autofs_ctx; @@ -171,7 +171,7 @@ autofs_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to set up automatic reconnection\n")); - return ret; + goto fail; } for (iter = autofs_ctx->rctx->be_conns; iter; iter = iter->next) { @@ -185,11 +185,16 @@ autofs_process_init(TALLOC_CTX *mem_ctx, if (hret != HASH_SUCCESS) { DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to initialize automount maps hash table\n")); - return EIO; + ret = EIO; + goto fail; } DEBUG(SSSDBG_TRACE_FUNC, ("autofs Initialization complete\n")); return EOK; + +fail: + talloc_free(autofs_ctx); + return ret; } int main(int argc, const char *argv[]) diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 824c649a8c71ffad83e42e019292ea727ae2e4bf..30a7cb24859558c034e227a145b92e87a5cea7a6 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -770,7 +770,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_OP_FAILURE, ("Cannot get the client idle timeout [%d]: %s\n", ret, strerror(ret))); - return ret; + goto fail; } /* Ensure that the client timeout is at least ten seconds */ @@ -785,7 +785,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_OP_FAILURE, ("Cannnot get the default domain timeout [%d]: %s\n", ret, strerror(ret))); - return ret; + goto fail; } if (rctx->domains_timeout < 0) { @@ -796,7 +796,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, ret = confdb_get_domains(rctx->cdb, &rctx->domains); if (ret != EOK) { DEBUG(0, ("fatal error setting up domain map\n")); - return ret; + goto fail; } ret = confdb_get_string(rctx->cdb, rctx, CONFDB_MONITOR_CONF_ENTRY, @@ -806,7 +806,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_OP_FAILURE, ("Cannnot get the default domain [%d]: %s\n", ret, strerror(ret))); - return ret; + goto fail; } ret = sss_monitor_init(rctx, rctx->ev, monitor_intf, @@ -814,7 +814,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, &rctx->mon_conn); if (ret != EOK) { DEBUG(0, ("fatal error setting up message bus\n")); - return ret; + goto fail; } for (dom = rctx->domains; dom; dom = get_next_domain(dom, false)) { @@ -823,7 +823,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_FATAL_FAILURE, ("fatal error initializing regex data for domain: %s\n", dom->name)); - return ret; + goto fail; } /* skip local domain, it doesn't have a backend */ @@ -834,7 +834,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, ret = sss_dp_init(rctx, dp_intf, cli_name, dom); if (ret != EOK) { DEBUG(0, ("fatal error setting up backend connector\n")); - return ret; + goto fail; } } @@ -842,14 +842,14 @@ int sss_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { SYSDB_VERSION_ERROR_DAEMON(ret); DEBUG(0, ("fatal error initializing resp_ctx\n")); - return ret; + goto fail; } /* after all initializations we are ready to listen on our socket */ ret = set_unix_socket(rctx); if (ret != EOK) { DEBUG(0, ("fatal error initializing socket\n")); - return ret; + goto fail; } /* Create DP request table */ @@ -857,13 +857,17 @@ int sss_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Could not create hash table for the request queue\n")); - return ret; + goto fail; } DEBUG(SSSDBG_TRACE_FUNC, ("Responder Initialization complete\n")); *responder_ctx = rctx; return EOK; + +fail: + talloc_free(rctx); + return ret; } int sss_dp_get_domain_conn(struct resp_ctx *rctx, const char *domain, diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c index 083e91d7f69d758fcecc99f2fcaac613cff41c3f..e5334129d677cf581637c79305f56df8916e855c 100644 --- a/src/responder/nss/nsssrv.c +++ b/src/responder/nss/nsssrv.c @@ -412,7 +412,7 @@ int nss_process_init(TALLOC_CTX *mem_ctx, ret = sss_ncache_init(nctx, &nctx->ncache); if (ret != EOK) { DEBUG(0, ("fatal error initializing negative cache\n")); - return ret; + goto fail; } nss_cmds = get_nss_cmds(); @@ -427,14 +427,14 @@ int nss_process_init(TALLOC_CTX *mem_ctx, "NSS", &nss_dp_interface, &nctx->rctx); if (ret != EOK) { - return ret; + goto fail; } nctx->rctx->pvt_ctx = nctx; ret = nss_get_config(nctx, cdb); if (ret != EOK) { DEBUG(0, ("fatal error getting nss config\n")); - return ret; + goto fail; } /* Enable automatic reconnection to the Data Provider */ @@ -444,7 +444,7 @@ int nss_process_init(TALLOC_CTX *mem_ctx, 3, &max_retries); if (ret != EOK) { DEBUG(0, ("Failed to set up automatic reconnection\n")); - return ret; + goto fail; } for (iter = nctx->rctx->be_conns; iter; iter = iter->next) { @@ -456,7 +456,8 @@ int nss_process_init(TALLOC_CTX *mem_ctx, hret = sss_hash_create(nctx, 10, &nctx->netgroups); if (hret != HASH_SUCCESS) { DEBUG(0,("Unable to initialize netgroup hash table\n")); - return EIO; + ret = EIO; + goto fail; } /* create mmap caches */ @@ -476,7 +477,7 @@ int nss_process_init(TALLOC_CTX *mem_ctx, 300, &memcache_timeout); if (ret != EOK) { DEBUG(0, ("Failed to set up automatic reconnection\n")); - return ret; + goto fail; } /* TODO: read cache sizes from configuration */ @@ -503,13 +504,17 @@ int nss_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to set up file descriptor limit\n")); - return ret; + goto fail; } responder_set_fd_limit(fd_limit); DEBUG(SSSDBG_TRACE_FUNC, ("NSS Initialization complete\n")); return EOK; + +fail: + talloc_free(nctx); + return ret; } int main(int argc, const char *argv[]) diff --git a/src/responder/pac/pacsrv.c b/src/responder/pac/pacsrv.c index 036dd6a5fec6233a8a7e9529bba536ad55104b22..29447c4713bb2a713e90e89fc28a724e852e7aca 100644 --- a/src/responder/pac/pacsrv.c +++ b/src/responder/pac/pacsrv.c @@ -145,7 +145,7 @@ int pac_process_init(TALLOC_CTX *mem_ctx, "PAC", &pac_dp_interface, &pac_ctx->rctx); if (ret != EOK) { - return ret; + goto fail; } pac_ctx->rctx->pvt_ctx = pac_ctx; @@ -155,7 +155,7 @@ int pac_process_init(TALLOC_CTX *mem_ctx, DEFAULT_ALLOWED_UIDS, &uid_str); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to get allowed UIDs.\n")); - return ret; + goto fail; } ret = csv_string_to_uid_array(pac_ctx->rctx, uid_str, true, @@ -163,7 +163,7 @@ int pac_process_init(TALLOC_CTX *mem_ctx, &pac_ctx->rctx->allowed_uids); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to set allowed UIDs.\n")); - return ret; + goto fail; } /* Enable automatic reconnection to the Data Provider */ @@ -173,7 +173,7 @@ int pac_process_init(TALLOC_CTX *mem_ctx, 3, &max_retries); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to set up automatic reconnection\n")); - return ret; + goto fail; } for (iter = pac_ctx->rctx->be_conns; iter; iter = iter->next) { @@ -185,7 +185,8 @@ int pac_process_init(TALLOC_CTX *mem_ctx, &pac_ctx->idmap_ctx); if (err != IDMAP_SUCCESS) { DEBUG(SSSDBG_FATAL_FAILURE, ("sss_idmap_init failed.\n")); - return EFAULT; + ret = EFAULT; + goto fail; } /* Set up file descriptor limits */ @@ -197,13 +198,17 @@ int pac_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to set up file descriptor limit\n")); - return ret; + goto fail; } responder_set_fd_limit(fd_limit); DEBUG(SSSDBG_TRACE_FUNC, ("PAC Initialization complete\n")); return EOK; + +fail: + talloc_free(pac_ctx); + return ret; } int main(int argc, const char *argv[]) diff --git a/src/responder/pam/pamsrv.c b/src/responder/pam/pamsrv.c index f0c89a9665478867ab2b1c27bf3003d9753cefcb..e5bb9009b16693d0f7947a5a4c5ac93abdb4231d 100644 --- a/src/responder/pam/pamsrv.c +++ b/src/responder/pam/pamsrv.c @@ -195,7 +195,7 @@ static int pam_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to set up file descriptor limit\n")); - return ret; + goto done; } responder_set_fd_limit(fd_limit); diff --git a/src/responder/ssh/sshsrv.c b/src/responder/ssh/sshsrv.c index 80a558b5244792ff7545d480ef98c06def81d891..fe6956aba1746684695b379a3324eeefec133e84 100644 --- a/src/responder/ssh/sshsrv.c +++ b/src/responder/ssh/sshsrv.c @@ -109,7 +109,7 @@ int ssh_process_init(TALLOC_CTX *mem_ctx, &ssh_dp_interface, &ssh_ctx->rctx); if (ret != EOK) { - return ret; + goto fail; } ssh_ctx->rctx->pvt_ctx = ssh_ctx; @@ -121,7 +121,7 @@ int ssh_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to set up automatic reconnection\n")); - return ret; + goto fail; } for (iter = ssh_ctx->rctx->be_conns; iter; iter = iter->next) { @@ -139,7 +139,7 @@ int ssh_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Error reading from confdb (%d) [%s]\n", ret, strerror(ret))); - return ret; + goto fail; } /* Get ssh_known_hosts_timeout option */ @@ -150,12 +150,16 @@ int ssh_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Error reading from confdb (%d) [%s]\n", ret, strerror(ret))); - return ret; + goto fail; } DEBUG(SSSDBG_TRACE_FUNC, ("SSH Initialization complete\n")); return EOK; + +fail: + talloc_free(ssh_ctx); + return ret; } int main(int argc, const char *argv[]) diff --git a/src/responder/sudo/sudosrv.c b/src/responder/sudo/sudosrv.c index cbcbe2132cd5323741b6d9add9c06a239e34680c..4081760106d9ceb612d3531ade0a89abf22022e4 100644 --- a/src/responder/sudo/sudosrv.c +++ b/src/responder/sudo/sudosrv.c @@ -110,7 +110,7 @@ int sudo_process_init(TALLOC_CTX *mem_ctx, &sudo_dp_interface, &sudo_ctx->rctx); if (ret != EOK) { - return ret; + goto fail; } sudo_ctx->rctx->pvt_ctx = sudo_ctx; @@ -122,7 +122,7 @@ int sudo_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to set up automatic reconnection\n")); - return ret; + goto fail; } for (iter = sudo_ctx->rctx->be_conns; iter; iter = iter->next) { @@ -140,12 +140,16 @@ int sudo_process_init(TALLOC_CTX *mem_ctx, if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, ("Error reading from confdb (%d) [%s]\n", ret, strerror(ret))); - return ret; + goto fail; } DEBUG(SSSDBG_TRACE_FUNC, ("SUDO Initialization complete\n")); return EOK; + +fail: + talloc_free(sudo_ctx); + return ret; } int main(int argc, const char *argv[]) -- 1.7.11.7