Skip to content

P
Postgres FD Implementation
Commit 36942504 authored by Magnus Hagander's avatar Magnus Hagander
Browse files
Options

Fix minor memory leak in Win32 SID handling functions. Not a big issue 

since it's only called during process startup, thus no backpatch.

Found by TAKATSUKA Haruka, patch by Magnus Hagander and
Andrew Chernow
parent 220e36c9
Show whitespace changes
Inline Side-by-side
Showing with 28 additions and 21 deletions
src/port/exec.c
View file @ 36942504
...@@ -9,7 +9,7 @@ ...@@ -9,7 +9,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/port/exec.c,v 1.63 2009/06/11 14:49:15 momjian Exp $ * $PostgreSQL: pgsql/src/port/exec.c,v 1.64 2009/07/27 08:46:10 mha Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
...@@ -56,7 +56,7 @@ static int resolve_symlinks(char *path); ...@@ -56,7 +56,7 @@ static int resolve_symlinks(char *path);
static char *pipe_read_line(char *cmd, char *line, int maxsize); static char *pipe_read_line(char *cmd, char *line, int maxsize);
#ifdef WIN32 #ifdef WIN32
static BOOL GetUserSid(PSID *ppSidUser, HANDLE hToken); static BOOL GetTokenUser(HANDLE hToken, PTOKEN_USER *ppTokenUser);
#endif #endif
/* /*
...@@ -697,7 +697,7 @@ AddUserToDacl(HANDLE hProcess) ...@@ -697,7 +697,7 @@ AddUserToDacl(HANDLE hProcess)
DWORD dwTokenInfoLength = 0; DWORD dwTokenInfoLength = 0;
HANDLE hToken = NULL; HANDLE hToken = NULL;
PACL pacl = NULL; PACL pacl = NULL;
PSID psidUser = NULL; PTOKEN_USER pTokenUser = NULL;
TOKEN_DEFAULT_DACL tddNew; TOKEN_DEFAULT_DACL tddNew;
TOKEN_DEFAULT_DACL *ptdd = NULL; TOKEN_DEFAULT_DACL *ptdd = NULL;
TOKEN_INFORMATION_CLASS tic = TokenDefaultDacl; TOKEN_INFORMATION_CLASS tic = TokenDefaultDacl;
...@@ -744,15 +744,19 @@ AddUserToDacl(HANDLE hProcess) ...@@ -744,15 +744,19 @@ AddUserToDacl(HANDLE hProcess)
goto cleanup; goto cleanup;
} }
/* Get the SID for the current user. We need to add this to the ACL. */ /*
if (!GetUserSid(&psidUser, hToken)) * Get the user token for the current user, which provides us with the
* SID that is needed for creating the ACL.
*/
if (!GetTokenUser(hToken, &pTokenUser))
{ {
log_error("could not get user SID: %lu", GetLastError()); log_error("could not get user token: %lu", GetLastError());
goto cleanup; goto cleanup;
} }
/* Figure out the size of the new ACL */ /* Figure out the size of the new ACL */
dwNewAclSize = asi.AclBytesInUse + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(psidUser) -sizeof(DWORD); dwNewAclSize = asi.AclBytesInUse + sizeof(ACCESS_ALLOWED_ACE) +
GetLengthSid(pTokenUser->User.Sid) -sizeof(DWORD);
/* Allocate the ACL buffer & initialize it */ /* Allocate the ACL buffer & initialize it */
pacl = (PACL) LocalAlloc(LPTR, dwNewAclSize); pacl = (PACL) LocalAlloc(LPTR, dwNewAclSize);
...@@ -785,7 +789,7 @@ AddUserToDacl(HANDLE hProcess) ...@@ -785,7 +789,7 @@ AddUserToDacl(HANDLE hProcess)
} }
/* Add the new ACE for the current user */ /* Add the new ACE for the current user */
if (!AddAccessAllowedAce(pacl, ACL_REVISION, GENERIC_ALL, psidUser)) if (!AddAccessAllowedAce(pacl, ACL_REVISION, GENERIC_ALL, pTokenUser->User.Sid))
{ {
log_error("could not add access allowed ACE: %lu", GetLastError()); log_error("could not add access allowed ACE: %lu", GetLastError());
goto cleanup; goto cleanup;
...@@ -803,8 +807,8 @@ AddUserToDacl(HANDLE hProcess) ...@@ -803,8 +807,8 @@ AddUserToDacl(HANDLE hProcess)
ret = TRUE; ret = TRUE;
cleanup: cleanup:
if (psidUser) if (pTokenUser)
FreeSid(psidUser); LocalFree((HLOCAL) pTokenUser);
if (pacl) if (pacl)
LocalFree((HLOCAL) pacl); LocalFree((HLOCAL) pacl);
...@@ -819,28 +823,31 @@ cleanup: ...@@ -819,28 +823,31 @@ cleanup:
} }
/* /*
* GetUserSid*PSID *ppSidUser, HANDLE hToken) * GetTokenUser(HANDLE hToken, PTOKEN_USER *ppTokenUser)
* *
* Get the SID for the current user * Get the users token information from a process token.
*
* The caller of this function is responsible for calling LocalFree() on the
* returned TOKEN_USER memory.
*/ */
static BOOL static BOOL
GetUserSid(PSID *ppSidUser, HANDLE hToken) GetTokenUser(HANDLE hToken, PTOKEN_USER *ppTokenUser)
{ {
DWORD dwLength; DWORD dwLength;
PTOKEN_USER pTokenUser = NULL;
*ppTokenUser = NULL;
if (!GetTokenInformation(hToken, if (!GetTokenInformation(hToken,
TokenUser, TokenUser,
pTokenUser, NULL,
0, 0,
&dwLength)) &dwLength))
{ {
if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
{ {
pTokenUser = (PTOKEN_USER) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength); *ppTokenUser = (PTOKEN_USER) LocalAlloc(LPTR, dwLength);
if (pTokenUser == NULL) if (*ppTokenUser == NULL)
{ {
log_error("could not allocate %lu bytes of memory", dwLength); log_error("could not allocate %lu bytes of memory", dwLength);
return FALSE; return FALSE;
...@@ -855,18 +862,18 @@ GetUserSid(PSID *ppSidUser, HANDLE hToken) ...@@ -855,18 +862,18 @@ GetUserSid(PSID *ppSidUser, HANDLE hToken)
if (!GetTokenInformation(hToken, if (!GetTokenInformation(hToken,
TokenUser, TokenUser,
pTokenUser, *ppTokenUser,
dwLength, dwLength,
&dwLength)) &dwLength))
{ {
HeapFree(GetProcessHeap(), 0, pTokenUser); LocalFree(*ppTokenUser);
pTokenUser = NULL; *ppTokenUser = NULL;
log_error("could not get token information: %lu", GetLastError()); log_error("could not get token information: %lu", GetLastError());
return FALSE; return FALSE;
} }
*ppSidUser = pTokenUser->User.Sid; /* Memory in *ppTokenUser is LocalFree():d by the caller */
return TRUE; return TRUE;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment