From 9a51a9c44ef58db93e0adcc32e4e59814ca749c2 Mon Sep 17 00:00:00 2001
From: Alexandre Julliard
Date: Wed, 11 Aug 2021 18:11:58 +0200
Subject: [PATCH] msv1_0: Move context allocation to the PE side.

Signed-off-by: Alexandre Julliard
---
 dlls/msv1_0/main.c | 21 +++++++++++++++++----
 dlls/msv1_0/unixlib.c | 29 +++++++++--------------------
 dlls/msv1_0/unixlib.h | 2 +-
 3 files changed, 27 insertions(+), 25 deletions(-)

diff --git a/dlls/msv1_0/main.c b/dlls/msv1_0/main.c
index df9d0dd0f1a..6d0af9e1ec3 100644
--- a/dlls/msv1_0/main.c
+++ b/dlls/msv1_0/main.c
@@ -655,7 +655,9 @@ static NTSTATUS NTAPI ntlm_SpInitLsaModeContext( LSA_SEC_HANDLE cred_handle, LSA
 argv[4] = NULL;
 }
- if ((status = ntlm_funcs->fork( argv, &ctx )) != SEC_E_OK) goto done;
+ if (!(ctx = calloc( 1, sizeof(*ctx) ))) goto done;
+
+ if ((status = ntlm_funcs->fork( ctx, argv )) != SEC_E_OK) goto done;
 status = SEC_E_INSUFFICIENT_MEMORY;
 ctx->mode = MODE_CLIENT;
@@ -838,7 +840,11 @@ static NTSTATUS NTAPI ntlm_SpInitLsaModeContext( LSA_SEC_HANDLE cred_handle, LSA
 }
 done:
- if (status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) ntlm_funcs->cleanup( ctx );
+ if (status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED)
+ {
+ ntlm_funcs->cleanup( ctx );
+ free( ctx );
+ }
 free( username );
 free( domain );
 free( password );
@@ -892,10 +898,12 @@ static NTSTATUS NTAPI ntlm_SpAcceptLsaModeContext( LSA_SEC_HANDLE cred_handle, L
 }
 else bin_len = input->pBuffers[0].cbBuffer;
+ if (!(ctx = calloc( 1, sizeof(*ctx) ))) goto done;
+
 argv[0] = (char *)"ntlm_auth";
 argv[1] = (char *)"--helper-protocol=squid-2.5-ntlmssp";
 argv[2] = NULL;
- if ((status = ntlm_funcs->fork( argv, &ctx )) != SEC_E_OK) goto done;
+ if ((status = ntlm_funcs->fork( ctx, argv )) != SEC_E_OK) goto done;
 ctx->mode = MODE_SERVER;
 if (!(want_flags = malloc( 73 )))
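Review bot: In ntlm_SpInitLsaModeContext the added `if (!(ctx = calloc( 1, sizeof(*ctx) ))) goto done;` jumps to `done` without assigning `status`, so the value returned on allocation failure is whatever `status` held before this line, and that is set outside the hunk. The context line `status = SEC_E_INSUFFICIENT_MEMORY;` right after the fork call suggests the function pre-arms `status`, but if it could still be `SEC_E_OK` or `SEC_I_CONTINUE_NEEDED` at this point the function would report success with a NULL context and skip the cleanup branch. Making the failure explicit removes that dependency: `if (!(ctx = calloc( 1, sizeof(*ctx) ))) { status = SEC_E_INSUFFICIENT_MEMORY; goto done; }`. The same applies to the identical calloc line added in ntlm_SpAcceptLsaModeContext (hunk at -892).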
@@ -1048,7 +1056,11 @@ static NTSTATUS NTAPI ntlm_SpAcceptLsaModeContext( LSA_SEC_HANDLE cred_handle, L
 }
 done:
- if (status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) ntlm_funcs->cleanup( ctx );
+ if (status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED)
+ {
+ ntlm_funcs->cleanup( ctx );
+ free( ctx );
+ }
 free( buf );
 free( bin );
 free( want_flags );
@@ -1065,6 +1077,7 @@ static NTSTATUS NTAPI ntlm_SpDeleteContext( LSA_SEC_HANDLE handle )
 if (!ctx) return SEC_E_INVALID_HANDLE;
 ntlm_funcs->cleanup( ctx );
+ free( ctx );
 return SEC_E_OK;
 }
diff --git a/dlls/msv1_0/unixlib.c b/dlls/msv1_0/unixlib.c
index 83975803aa2..d9482c4857a 100644
--- a/dlls/msv1_0/unixlib.c
+++ b/dlls/msv1_0/unixlib.c
@@ -24,6 +24,7 @@
 #endif
 #include
+#include
 #include
 #include
 #include
@@ -49,7 +50,7 @@ static SECURITY_STATUS read_line( struct ntlm_ctx *ctx, unsigned int *offset )
 if (!ctx->com_buf)
 {
- if (!(ctx->com_buf = RtlAllocateHeap( GetProcessHeap(), 0, INITIAL_BUFFER_SIZE )))
+ if (!(ctx->com_buf = malloc( INITIAL_BUFFER_SIZE )))
 return SEC_E_INSUFFICIENT_MEMORY;
 ctx->com_buf_size = INITIAL_BUFFER_SIZE;
 ctx->com_buf_offset = 0;
@@ -60,7 +61,7 @@ static SECURITY_STATUS read_line( struct ntlm_ctx *ctx, unsigned int *offset )
 ssize_t size;
 if (ctx->com_buf_offset + INITIAL_BUFFER_SIZE > ctx->com_buf_size)
 {
- char *buf = RtlReAllocateHeap( GetProcessHeap(), 0, ctx->com_buf, ctx->com_buf_size + INITIAL_BUFFER_SIZE );
+ char *buf = realloc( ctx->com_buf, ctx->com_buf_size + INITIAL_BUFFER_SIZE );
 if (!buf) return SEC_E_INSUFFICIENT_MEMORY;
 ctx->com_buf_size += INITIAL_BUFFER_SIZE;
 ctx->com_buf = buf;
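Review bot: In read_line (hunk at -60) the buffer is grown with `realloc( ctx->com_buf, ctx->com_buf_size + INITIAL_BUFFER_SIZE )` and nothing visible in the hunk caps `com_buf_size`, so input that never completes a line can push the allocation up until realloc fails. The loop continues outside the hunk, so a limit may already exist there. If it does not, a ceiling checked before the realloc would bound it, for example `if (ctx->com_buf_size > MAX_COM_BUF_SIZE - INITIAL_BUFFER_SIZE) return SEC_E_INSUFFICIENT_MEMORY;`, where `MAX_COM_BUF_SIZE` is a placeholder for a constant this file would have to define. Holding the result in the temporary `buf` before assigning it to `ctx->com_buf` is correct and should stay as it is.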
@@ -125,14 +126,12 @@ static void CDECL ntlm_cleanup( struct ntlm_ctx *ctx )
 } while (ret < 0 && errno == EINTR);
 }
- RtlFreeHeap( GetProcessHeap(), 0, ctx->com_buf );
- RtlFreeHeap( GetProcessHeap(), 0, ctx );
+ free( ctx->com_buf );
 }
-static SECURITY_STATUS CDECL ntlm_fork( char **argv, struct ntlm_ctx **ret_ctx )
+static SECURITY_STATUS CDECL ntlm_fork( struct ntlm_ctx *ctx, char **argv )
 {
 int pipe_in[2], pipe_out[2];
- struct ntlm_ctx *ctx;
 #ifdef HAVE_PIPE2
 if (pipe2( pipe_in, O_CLOEXEC ) < 0)
@@ -156,15 +155,6 @@ static SECURITY_STATUS CDECL ntlm_fork( char **argv, struct ntlm_ctx **ret_ctx )
 fcntl( pipe_out[1], F_SETFD, FD_CLOEXEC );
 }
- if (!(ctx = RtlAllocateHeap( GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(*ctx) )))
- {
- close( pipe_in[0] );
- close( pipe_in[1] );
- close( pipe_out[0] );
- close( pipe_out[1] );
- return SEC_E_INSUFFICIENT_MEMORY;
- }
-
 if (!(ctx->pid = fork())) /* child */
 {
 dup2( pipe_out[0], 0 );
@@ -186,7 +176,6 @@ static SECURITY_STATUS CDECL ntlm_fork( char **argv, struct ntlm_ctx **ret_ctx )
 close( pipe_in[1] );
 ctx->pipe_out = pipe_out[1];
 close( pipe_out[0] );
- *ret_ctx = ctx;
 }
 return SEC_E_OK;
@@ -198,7 +187,7 @@ static SECURITY_STATUS CDECL ntlm_fork( char **argv, struct ntlm_ctx **ret_ctx )
 static BOOL check_version( void )
 {
- struct ntlm_ctx *ctx;
+ struct ntlm_ctx ctx = { 0 };
 char *argv[3], buf[80];
 BOOL ret = FALSE;
 int len;
@@ -206,9 +195,9 @@ static BOOL check_version( void )
 argv[0] = (char *)"ntlm_auth";
 argv[1] = (char *)"--version";
 argv[2] = NULL;
- if (ntlm_fork( argv, &ctx ) != SEC_E_OK) return FALSE;
+ if (ntlm_fork( &ctx, argv ) != SEC_E_OK) return FALSE;
- if ((len = read( ctx->pipe_in, buf, sizeof(buf) - 1 )) > 8)
+ if ((len = read( ctx.pipe_in, buf, sizeof(buf) - 1 )) > 8)
 {
 char *newline;
 int major = 0, minor = 0, micro = 0;
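Review bot: ntlm_cleanup (hunk at -125) now ends with `free( ctx->com_buf );` while `ctx` itself stays alive for the caller, so the context is left holding a dangling `com_buf` pointer and stale `com_buf_size`/`com_buf_offset` values. Before this change the context was released in the same call, so that state could never be observed. Now a second cleanup call, or a later read_line on the same context, would free or write through released memory unless a guard earlier in the function (outside this hunk) rules it out. Resetting the fields closes that off cheaply and fits read_line's existing `if (!ctx->com_buf)` allocation check: `ctx->com_buf = NULL; ctx->com_buf_size = ctx->com_buf_offset = 0;`.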
@@ -233,7 +222,7 @@ static BOOL check_version( void )
 "Make sure that ntlm_auth >= %d.%d.%d is in your path. "
 "Usually, you can find it in the winbind package of your distribution.\n",
 NTLM_AUTH_MAJOR_VERSION, NTLM_AUTH_MINOR_VERSION, NTLM_AUTH_MICRO_VERSION );
- ntlm_cleanup( ctx );
+ ntlm_cleanup( &ctx );
 return ret;
 }
diff --git a/dlls/msv1_0/unixlib.h b/dlls/msv1_0/unixlib.h
index 92f42f4b0bd..77d1296dcd2 100644
--- a/dlls/msv1_0/unixlib.h
+++ b/dlls/msv1_0/unixlib.h
@@ -92,7 +92,7 @@ struct ntlm_funcs
 {
 SECURITY_STATUS (CDECL *chat)( struct ntlm_ctx *, char *, unsigned int, unsigned int * );
 void (CDECL *cleanup)( struct ntlm_ctx * );
- SECURITY_STATUS (CDECL *fork)( char **, struct ntlm_ctx ** );
+ SECURITY_STATUS (CDECL *fork)( struct ntlm_ctx *, char ** );
 };
 extern const struct ntlm_funcs *ntlm_funcs;
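Review bot: The `fork` and `cleanup` entries of struct ntlm_funcs in unixlib.h change their ownership contract with this commit, but the header carries no comment that records it. I would add a short comment above the struct stating that the caller allocates and zero-initialises the `struct ntlm_ctx` passed to `fork` (as the `calloc` and `= { 0 }` callers in this patch do), that `cleanup` releases only what the Unix side attached to the context, and that the caller frees the context itself afterwards. Since `com_buf` now comes from `malloc`/`realloc` in unixlib.c, the comment should also say it is released only through `cleanup` and never directly from main.c.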