Skip to content

Commit 3694250

Browse files
mhagandermhagander
committed
Fix minor memory leak in Win32 SID handling functions. Not a big issue
since it's only called during process startup, thus no backpatch. Found by TAKATSUKA Haruka, patch by Magnus Hagander and Andrew Chernow
1 parent 220e36c commit 3694250

File tree

1 file changed

+28
-21
lines changed

1 file changed

+28
-21
lines changed

src/port/exec.c

Lines changed: 28 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
*
1010
*
1111
* IDENTIFICATION
12-
* $PostgreSQL: pgsql/src/port/exec.c,v 1.63 2009/06/11 14:49:15 momjian Exp $
12+
* $PostgreSQL: pgsql/src/port/exec.c,v 1.64 2009/07/27 08:46:10 mha Exp $
1313
*
1414
*-------------------------------------------------------------------------
1515
*/
@@ -56,7 +56,7 @@ static int resolve_symlinks(char *path);
5656
static char *pipe_read_line(char *cmd, char *line, int maxsize);
5757

5858
#ifdef WIN32
59-
static BOOL GetUserSid(PSID *ppSidUser, HANDLE hToken);
59+
static BOOL GetTokenUser(HANDLE hToken, PTOKEN_USER *ppTokenUser);
6060
#endif
6161

6262
/*
@@ -697,7 +697,7 @@ AddUserToDacl(HANDLE hProcess)
697697
DWORD dwTokenInfoLength = 0;
698698
HANDLE hToken = NULL;
699699
PACL pacl = NULL;
700-
PSID psidUser = NULL;
700+
PTOKEN_USER pTokenUser = NULL;
701701
TOKEN_DEFAULT_DACL tddNew;
702702
TOKEN_DEFAULT_DACL *ptdd = NULL;
703703
TOKEN_INFORMATION_CLASS tic = TokenDefaultDacl;
@@ -744,15 +744,19 @@ AddUserToDacl(HANDLE hProcess)
744744
goto cleanup;
745745
}
746746

747-
/* Get the SID for the current user. We need to add this to the ACL. */
748-
if (!GetUserSid(&psidUser, hToken))
747+
/*
748+
* Get the user token for the current user, which provides us with the
749+
* SID that is needed for creating the ACL.
750+
*/
751+
if (!GetTokenUser(hToken, &pTokenUser))
749752
{
750-
log_error("could not get user SID: %lu", GetLastError());
753+
log_error("could not get user token: %lu", GetLastError());
751754
goto cleanup;
752755
}
753756

754757
/* Figure out the size of the new ACL */
755-
dwNewAclSize = asi.AclBytesInUse + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(psidUser) -sizeof(DWORD);
758+
dwNewAclSize = asi.AclBytesInUse + sizeof(ACCESS_ALLOWED_ACE) +
759+
GetLengthSid(pTokenUser->User.Sid) -sizeof(DWORD);
756760

757761
/* Allocate the ACL buffer & initialize it */
758762
pacl = (PACL) LocalAlloc(LPTR, dwNewAclSize);
@@ -785,7 +789,7 @@ AddUserToDacl(HANDLE hProcess)
785789
}
786790

787791
/* Add the new ACE for the current user */
788-
if (!AddAccessAllowedAce(pacl, ACL_REVISION, GENERIC_ALL, psidUser))
792+
if (!AddAccessAllowedAce(pacl, ACL_REVISION, GENERIC_ALL, pTokenUser->User.Sid))
789793
{
790794
log_error("could not add access allowed ACE: %lu", GetLastError());
791795
goto cleanup;
@@ -803,8 +807,8 @@ AddUserToDacl(HANDLE hProcess)
803807
ret = TRUE;
804808

805809
cleanup:
806-
if (psidUser)
807-
FreeSid(psidUser);
810+
if (pTokenUser)
811+
LocalFree((HLOCAL) pTokenUser);
808812

809813
if (pacl)
810814
LocalFree((HLOCAL) pacl);
@@ -819,28 +823,31 @@ AddUserToDacl(HANDLE hProcess)
819823
}
820824

821825
/*
822-
* GetUserSid*PSID *ppSidUser, HANDLE hToken)
826+
* GetTokenUser(HANDLE hToken, PTOKEN_USER *ppTokenUser)
827+
*
828+
* Get the users token information from a process token.
823829
*
824-
* Get the SID for the current user
830+
* The caller of this function is responsible for calling LocalFree() on the
831+
* returned TOKEN_USER memory.
825832
*/
826833
static BOOL
827-
GetUserSid(PSID *ppSidUser, HANDLE hToken)
834+
GetTokenUser(HANDLE hToken, PTOKEN_USER *ppTokenUser)
828835
{
829836
DWORD dwLength;
830-
PTOKEN_USER pTokenUser = NULL;
831837

838+
*ppTokenUser = NULL;
832839

833840
if (!GetTokenInformation(hToken,
834841
TokenUser,
835-
pTokenUser,
842+
NULL,
836843
0,
837844
&dwLength))
838845
{
839846
if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
840847
{
841-
pTokenUser = (PTOKEN_USER) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength);
848+
*ppTokenUser = (PTOKEN_USER) LocalAlloc(LPTR, dwLength);
842849

843-
if (pTokenUser == NULL)
850+
if (*ppTokenUser == NULL)
844851
{
845852
log_error("could not allocate %lu bytes of memory", dwLength);
846853
return FALSE;
@@ -855,18 +862,18 @@ GetUserSid(PSID *ppSidUser, HANDLE hToken)
855862

856863
if (!GetTokenInformation(hToken,
857864
TokenUser,
858-
pTokenUser,
865+
*ppTokenUser,
859866
dwLength,
860867
&dwLength))
861868
{
862-
HeapFree(GetProcessHeap(), 0, pTokenUser);
863-
pTokenUser = NULL;
869+
LocalFree(*ppTokenUser);
870+
*ppTokenUser = NULL;
864871

865872
log_error("could not get token information: %lu", GetLastError());
866873
return FALSE;
867874
}
868875

869-
*ppSidUser = pTokenUser->User.Sid;
876+
/* Memory in *ppTokenUser is LocalFree():d by the caller */
870877
return TRUE;
871878
}
872879

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy