diff options
author | Andrew Bartlett <abartlet@samba.org> | 2014-05-23 16:06:17 +1200 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2014-07-15 12:46:15 +0200 |
commit | f72899ec2bc0ad3f6cd1e3d586235543b51f7cd1 (patch) | |
tree | 1a68b5d71b7db5f49ec832bf73ba46919e1d3c12 /source4/dsdb/repl/drepl_out_helpers.c | |
parent | 4730d74e38998aaeadbe13682cc6462c3ceb4766 (diff) | |
download | samba-f72899ec2bc0ad3f6cd1e3d586235543b51f7cd1.tar.gz |
dsdb: Do not store a struct ldb_dn in struct schema_data
The issue is that the DN contains a pointer to the ldb it belongs to,
and if this is not kept around long enough, we might reference memory
after it is de-allocated.
Andrew Bartlett
Change-Id: I040a6c37a3164b3309f370e32e598dd56b1a1bbb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 8327321225251e312ccbd06bbefa5ebf98099f34)
Diffstat (limited to 'source4/dsdb/repl/drepl_out_helpers.c')
-rw-r--r-- | source4/dsdb/repl/drepl_out_helpers.c | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c index 7e9546c985..bd788ddf4a 100644 --- a/source4/dsdb/repl/drepl_out_helpers.c +++ b/source4/dsdb/repl/drepl_out_helpers.c @@ -382,6 +382,7 @@ static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req) NTSTATUS status; uint32_t replica_flags; struct drsuapi_DsReplicaHighWaterMark highwatermark; + struct ldb_dn *schema_dn = ldb_get_schema_basedn(service->samdb); r = talloc(state, struct drsuapi_DsGetNCChanges); if (tevent_req_nomem(r, req)) { @@ -429,7 +430,7 @@ static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req) replica_flags &= ~DRSUAPI_DRS_WRIT_REP; } else if (partition->rodc_replica) { bool for_schema = false; - if (ldb_dn_compare_base(ldb_get_schema_basedn(service->samdb), partition->dn) == 0) { + if (ldb_dn_compare_base(schema_dn, partition->dn) == 0) { for_schema = true; } @@ -616,6 +617,7 @@ static void dreplsrv_op_pull_source_apply_changes_trigger(struct tevent_req *req struct dreplsrv_service *service = state->op->service; struct dreplsrv_partition *partition = state->op->source_dsa->partition; struct dreplsrv_drsuapi_connection *drsuapi = state->op->source_dsa->conn->drsuapi; + struct ldb_dn *schema_dn = ldb_get_schema_basedn(service->samdb); struct dsdb_schema *schema; struct dsdb_schema *working_schema = NULL; const struct drsuapi_DsReplicaOIDMapping_Ctr *mapping_ctr; @@ -672,20 +674,23 @@ static void dreplsrv_op_pull_source_apply_changes_trigger(struct tevent_req *req * Decide what working schema to use for object conversion. * We won't need a working schema for empty replicas sent. */ - if (first_object && ldb_dn_compare(partition->dn, schema->base_dn) == 0) { - /* create working schema to convert objects with */ - status = dsdb_repl_make_working_schema(service->samdb, - schema, - mapping_ctr, - object_count, - first_object, - &drsuapi->gensec_skey, - state, &working_schema); - if (!W_ERROR_IS_OK(status)) { - DEBUG(0,("Failed to create working schema: %s\n", - win_errstr(status))); - tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); - return; + if (first_object) { + bool is_schema = ldb_dn_compare(partition->dn, schema_dn) == 0; + if (is_schema) { + /* create working schema to convert objects with */ + status = dsdb_repl_make_working_schema(service->samdb, + schema, + mapping_ctr, + object_count, + first_object, + &drsuapi->gensec_skey, + state, &working_schema); + if (!W_ERROR_IS_OK(status)) { + DEBUG(0,("Failed to create working schema: %s\n", + win_errstr(status))); + tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); + return; + } } } |