Avoid a double free when ipa_hostname is set in sssd.conf and it

is an unqualified host name.  From Daniel Kopecek.

Also move the "unable to allocate memory" warning into get_ipa_hostname()
itself to make it easier to see where the allocation failed in the
debug log.

diff --git a/plugins/sudoers/sssd.c b/plugins/sudoers/sssd.c
index 09ca9feeb55221d3913b1951b66a5556fea80cd4..4f735e86b8190fd0e9bfb3897506e3abb6f0c126 100644 (file)
--- a/plugins/sudoers/sssd.c
+++ b/plugins/sudoers/sssd.c
@@ -349,6 +349,8 @@ get_ipa_hostname(char **shostp, char **lhostp)
                    *lhostp = lhost;
                    ret = true;
                } else {
+                   sudo_warnx(U_("%s: %s"), __func__,
+                       U_("unable to allocate memory"));
                    free(shost);
                    free(lhost);
                    ret = -1;
@@ -456,7 +458,6 @@ sudo_sss_open(struct sudo_nss *nss)
      */
     if (strcmp(user_runhost, user_host) == 0) {
        if (get_ipa_hostname(&handle->ipa_shost, &handle->ipa_host) == -1) {
-           sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
            free(handle);
            debug_return_int(ENOMEM);
        }
@@ -478,7 +479,8 @@ sudo_sss_close(struct sudo_nss *nss)
        handle = nss->handle;
        sudo_dso_unload(handle->ssslib);
        free(handle->ipa_host);
-       free(handle->ipa_shost);
+       if (handle->ipa_host != handle->ipa_shost)
+           free(handle->ipa_shost);
        free(handle);
        nss->handle = NULL;
     }