72 lines
2.3 KiB
Diff
72 lines
2.3 KiB
Diff
From 137649fc01e6914bbb86a2f5f16c7e03a2fa132d Mon Sep 17 00:00:00 2001
|
|
From: Alexander Bokovoy <ab@samba.org>
|
|
Date: Fri, 22 Jan 2016 11:44:03 +0200
|
|
Subject: [PATCH] s3-parm: clean up defaults when removing global parameters
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11693
|
|
|
|
When globals are re-initialized, they are cleared and globals' talloc
|
|
context is freed. However, parm_table still contains a reference to the
|
|
global value in the defaults. This confuses lpcfg_string_free() after
|
|
commit 795c543d858b2452f062a02846c2f908fe4cffe4 because it tries to
|
|
free already freed pointer which is passed by lp_save_defaults():
|
|
|
|
....
|
|
case P_STRING:
|
|
case P_USTRING:
|
|
lpcfg_string_set(Globals.ctx,
|
|
&parm_table[i].def.svalue,
|
|
*(char **)lp_parm_ptr(NULL, &parm_table[i]));
|
|
....
|
|
|
|
here &parm_table[i].def.svalue is passed to lpcfg_string_free() but it
|
|
is a pointer to a value allocated with previous Globals.ctx which
|
|
already was freed.
|
|
|
|
This specifically affects registry backend of smb.conf in lp_load_ex()
|
|
where init_globals() called explicitly to re-init globals after
|
|
lp_save_defaults() if we have registry backend defined.
|
|
|
|
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
Signed-off-by: Alexander Bokovoy <ab@samba.org>
|
|
|
|
Autobuild-User(master): Uri Simchoni <uri@samba.org>
|
|
Autobuild-Date(master): Mon Jan 25 23:58:42 CET 2016 on sn-devel-144
|
|
---
|
|
source3/param/loadparm.c | 17 +++++++++++++++++
|
|
1 file changed, 17 insertions(+)
|
|
|
|
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
|
|
index 94de252..9bd47dc 100644
|
|
--- a/source3/param/loadparm.c
|
|
+++ b/source3/param/loadparm.c
|
|
@@ -402,8 +402,25 @@ static void free_parameters_by_snum(int snum)
|
|
*/
|
|
static void free_global_parameters(void)
|
|
{
|
|
+ uint32_t i;
|
|
+ struct parm_struct *parm;
|
|
+
|
|
free_param_opts(&Globals.param_opt);
|
|
free_parameters_by_snum(GLOBAL_SECTION_SNUM);
|
|
+
|
|
+ /* Reset references in the defaults because the context is going to be freed */
|
|
+ for (i=0; parm_table[i].label; i++) {
|
|
+ parm = &parm_table[i];
|
|
+ if ((parm->type == P_STRING) ||
|
|
+ (parm->type == P_USTRING)) {
|
|
+ if ((parm->def.svalue != NULL) &&
|
|
+ (*(parm->def.svalue) != '\0')) {
|
|
+ if (talloc_parent(parm->def.svalue) == Globals.ctx) {
|
|
+ parm->def.svalue = NULL;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
TALLOC_FREE(Globals.ctx);
|
|
}
|
|
|
|
--
|
|
2.5.5
|
|
|