2025-02-23 09:57:40 +03:00 · 2021-07-05 17:17:30 +02:00 · 2021-07-05 17:17:30 +02:00 · 00bab5b3c8
commit 00bab5b3c8
parent 7c3bb491ba
3 changed files with 23 additions and 0 deletions
--- a/source3/smbd/smbXsrv_open.c
+++ b/source3/smbd/smbXsrv_open.c
@ -1645,6 +1645,15 @@ static NTSTATUS smbXsrv_open_global_parse_record(TALLOC_CTX *mem_ctx,
 		goto done;
 	}

+	if (global_blob.info.info0 == NULL) {
+		status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+		DEBUG(1,("Invalid record in smbXsrv_tcon_global.tdb:"
+			 "key '%s' info0 NULL pointer - %s\n",
+			 hex_encode_talloc(frame, key.dptr, key.dsize),
+			 nt_errstr(status)));
+		goto done;
+	}
+
 	*global = talloc_move(mem_ctx, &global_blob.info.info0);
 	status = NT_STATUS_OK;
 done:
--- a/source3/smbd/smbXsrv_session.c
+++ b/source3/smbd/smbXsrv_session.c
@ -2425,6 +2425,13 @@ static int smbXsrv_session_global_traverse_fn(struct db_record *rec, void *data)
 		goto done;
 	}

+	if (global_blob.info.info0 == NULL) {
+		DEBUG(1,("Invalid record in smbXsrv_tcon_global.tdb:"
+			 "key '%s' info0 NULL pointer\n",
+			 hex_encode_talloc(frame, key.dptr, key.dsize)));
+		goto done;
+	}
+
 	global_blob.info.info0->db_rec = rec;
 	ret = state->fn(global_blob.info.info0, state->private_data);
 done:
--- a/source3/smbd/smbXsrv_tcon.c
+++ b/source3/smbd/smbXsrv_tcon.c
@ -1209,6 +1209,13 @@ static int smbXsrv_tcon_global_traverse_fn(struct db_record *rec, void *data)
 		goto done;
 	}

+	if (global_blob.info.info0 == NULL) {
+		DEBUG(1,("Invalid record in smbXsrv_tcon_global.tdb:"
+			 "key '%s' info0 NULL pointer\n",
+			 hex_encode_talloc(frame, key.dptr, key.dsize)));
+		goto done;
+	}
+
 	global_blob.info.info0->db_rec = rec;
 	ret = state->fn(global_blob.info.info0, state->private_data);
 done: