The branch, master has been updated
via 7e78d275424 gensec: Fix CID 1458419 Control flow issues (NO_EFFECT)
via 43c808f2ff9 gensec: Fix CID 1458421 OVERRUN
via ef0350221e1 auth: Fix CID 1458418 Null pointer dereferences
(REVERSE_INULL)
via 503fc8f2ba6 auth: Fix CID 1458420 Null pointer dereferences
(REVERSE_INULL)
from bd279d3f98d ctdb-tests: Fix getdbmap test so that it actually works
sanely
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 7e78d275424db52544ee550ad0993c38d08d30a8
Author: Volker Lendecke <v...@samba.org>
Date: Wed Feb 12 15:42:28 2020 +0100
gensec: Fix CID 1458419 Control flow issues (NO_EFFECT)
socklen_t can be unsigned
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(master): Fri Feb 14 13:42:26 UTC 2020 on sn-devel-184
commit 43c808f2ff907497dfff0988ff90a48fdcfc16ef
Author: Volker Lendecke <v...@samba.org>
Date: Wed Feb 12 15:36:20 2020 +0100
gensec: Fix CID 1458421 OVERRUN
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit ef0350221e194a3dd3350eab02b38baeb32d8fd3
Author: Volker Lendecke <v...@samba.org>
Date: Wed Feb 12 15:40:32 2020 +0100
auth: Fix CID 1458418 Null pointer dereferences (REVERSE_INULL)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit 503fc8f2ba662ecbec0788bd1710440464dc5cfd
Author: Volker Lendecke <v...@samba.org>
Date: Wed Feb 12 15:39:54 2020 +0100
auth: Fix CID 1458420 Null pointer dereferences (REVERSE_INULL)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/auth/auth_sam.c | 6 ++++--
source4/auth/gensec/gensec_krb5.c | 18 ++++++++++--------
2 files changed, 14 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index c6357c696ea..3c12f959faf 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -80,12 +80,13 @@ static NTSTATUS auth_samstrict_auth(const struct
auth_context *auth_context,
const struct auth_usersupplied_info
*user_info,
struct auth_serversupplied_info
**server_info)
{
- const char *effective_domain = user_info->mapped.domain_name;
+ const char *effective_domain = NULL;
bool is_local_name, is_my_domain;
if (!user_info || !auth_context) {
return NT_STATUS_LOGON_FAILURE;
}
+ effective_domain = user_info->mapped.domain_name;
if (user_info->mapped.account_name == NULL ||
user_info->mapped.account_name[0] == '\0')
@@ -187,12 +188,13 @@ static NTSTATUS auth_sam_netlogon3_auth(const struct
auth_context *auth_context,
const struct auth_usersupplied_info
*user_info,
struct auth_serversupplied_info
**server_info)
{
- const char *effective_domain = user_info->mapped.domain_name;
+ const char *effective_domain = NULL;
bool is_my_domain;
if (!user_info || !auth_context) {
return NT_STATUS_LOGON_FAILURE;
}
+ effective_domain = user_info->mapped.domain_name;
if (user_info->mapped.account_name == NULL ||
user_info->mapped.account_name[0] == '\0')
diff --git a/source4/auth/gensec/gensec_krb5.c
b/source4/auth/gensec/gensec_krb5.c
index c7d0fc6c225..866ecc82133 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -145,16 +145,17 @@ static NTSTATUS gensec_krb5_start(struct gensec_security
*gensec_security, bool
tlocal_addr = gensec_get_local_address(gensec_security);
if (tlocal_addr) {
+ ssize_t sockaddr_ret;
struct samba_sockaddr addr;
bool ok;
- addr.sa_socklen = tsocket_address_bsd_sockaddr(tlocal_addr,
- &addr.u.sa,
- sizeof(addr.u));
- if (addr.sa_socklen < 0) {
+ sockaddr_ret = tsocket_address_bsd_sockaddr(
+ tlocal_addr, &addr.u.sa, sizeof(addr.u.sa));
+ if (sockaddr_ret < 0) {
talloc_free(gensec_krb5_state);
return NT_STATUS_INTERNAL_ERROR;
}
+ addr.sa_socklen = sockaddr_ret;
ok = smb_krb5_sockaddr_to_kaddr(&addr.u.ss, &my_krb5_addr);
if (!ok) {
DBG_WARNING("smb_krb5_sockaddr_to_kaddr (local)
failed\n");
@@ -165,16 +166,17 @@ static NTSTATUS gensec_krb5_start(struct gensec_security
*gensec_security, bool
tremote_addr = gensec_get_remote_address(gensec_security);
if (tremote_addr) {
+ ssize_t sockaddr_ret;
struct samba_sockaddr addr;
bool ok;
- addr.sa_socklen = tsocket_address_bsd_sockaddr(tremote_addr,
- &addr.u.sa,
- sizeof(addr.u));
- if (addr.sa_socklen < 0) {
+ sockaddr_ret = tsocket_address_bsd_sockaddr(
+ tremote_addr, &addr.u.sa, sizeof(addr.u.sa));
+ if (sockaddr_ret < 0) {
talloc_free(gensec_krb5_state);
return NT_STATUS_INTERNAL_ERROR;
}
+ addr.sa_socklen = sockaddr_ret;
ok = smb_krb5_sockaddr_to_kaddr(&addr.u.ss, &peer_krb5_addr);
if (!ok) {
DBG_WARNING("smb_krb5_sockaddr_to_kaddr (remote)
failed\n");
--
Samba Shared Repository
