File 151127-NSS-Fix-memory-leak-netgroup.patch of Package sssd.openSUSE_Leap_42.1_Update

diff -rupN sssd-1.11.5.1-original/src/responder/nss/nsssrv_netgroup.c sssd-1.11.5.1-patched/src/responder/nss/nsssrv_netgroup.c
--- sssd-1.11.5.1-original/src/responder/nss/nsssrv_netgroup.c	2017-01-30 16:31:39.394346250 +0100
+++ sssd-1.11.5.1-patched/src/responder/nss/nsssrv_netgroup.c	2017-01-30 16:33:21.239619931 +0100
@@ -429,14 +429,15 @@ static errno_t create_negcache_netgr(str
     errno_t ret;
     struct getent_ctx *netgr;
 
-    netgr = talloc_zero(step_ctx->nctx, struct getent_ctx);
-    if (netgr == NULL) {
-        DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_zero failed.\n"));
-        ret = ENOMEM;
-        goto done;
-    } else {
-        netgr->ready = true;
-        netgr->found = false;
+    /* Is there already netgroup with such name? */
+    ret = get_netgroup_entry(step_ctx->nctx, step_ctx->name, &netgr);
+    if (ret != EOK || netgr == NULL) {
+        netgr = talloc_zero(step_ctx->nctx, struct getent_ctx);
+        if (netgr == NULL) {
+            DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_zero failed.\n"));
+            ret = ENOMEM;
+            goto done;
+        }
         netgr->entries = NULL;
         netgr->lookup_table = step_ctx->nctx->netgroups;
         netgr->name = talloc_strdup(netgr, step_ctx->name);
@@ -451,13 +452,20 @@ static errno_t create_negcache_netgr(str
             DEBUG(SSSDBG_CRIT_FAILURE, ("set_netgroup_entry failed.\n"));
             goto done;
         }
-        set_netgr_lifetime(step_ctx->nctx->neg_timeout, step_ctx, netgr);
     }
 
+    netgr->ready = true;
+    netgr->found = false;
+
+    set_netgr_lifetime(step_ctx->nctx->neg_timeout, step_ctx, netgr);
+
+    ret = EOK;
+
 done:
     if (ret != EOK) {
         talloc_free(netgr);
     }
+
     return ret;
 }
 
@@ -469,6 +477,12 @@ static errno_t lookup_netgr_step(struct
     struct sysdb_ctx *sysdb;
     char *name = NULL;
     uint32_t lifetime;
+    TALLOC_CTX *tmp_ctx;
+
+    tmp_ctx = talloc_new(NULL);
+    if (tmp_ctx == NULL) {
+        return ENOMEM;
+    }
 
     /* Check each domain for this netgroup name */
     while (dom) {
@@ -489,8 +503,7 @@ static errno_t lookup_netgr_step(struct
         /* make sure to update the dctx if we changed domain */
         step_ctx->dctx->domain = dom;
 
-        talloc_free(name);
-        name = sss_get_cased_name(step_ctx, step_ctx->name,
+        name = sss_get_cased_name(tmp_ctx, step_ctx->name,
                                   dom->case_sensitive);
         if (!name) {
             DEBUG(SSSDBG_CRIT_FAILURE, ("sss_get_cased_name failed\n"));
@@ -618,10 +631,11 @@ static errno_t lookup_netgr_step(struct
             ("create_negcache_netgr failed with: %d:[%s], ignored.\n",
             ret, sss_strerror(ret)));
     }
+
     ret = ENOENT;
 
 done:
-    talloc_free(name);
+    talloc_free(tmp_ctx);
     return ret;
 }