mirror of
https://github.com/samba-team/samba.git
synced 2024-12-21 09:34:19 +03:00
CVE-2022-38023 s3:rpc_server/netlogon: Avoid unnecessary loadparm_context allocations
After s3 and s4 rpc servers merge the loadparm_context is available in
the dcesrv_context structure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 9 15:17:14 UTC 2023 on sn-devel-184
(cherry picked from commit 56837f3d31
)
Autobuild-User(v4-15-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-15-test): Mon Jan 23 10:01:41 UTC 2023 on sn-devel-184
This commit is contained in:
parent
1e6772da7a
commit
07ba1038cd
@ -859,7 +859,7 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
|
||||
* so use a copy to avoid destroying the client values. */
|
||||
uint32_t in_neg_flags = *r->in.negotiate_flags;
|
||||
const char *fn;
|
||||
struct loadparm_context *lp_ctx;
|
||||
struct loadparm_context *lp_ctx = p->dce_call->conn->dce_ctx->lp_ctx;
|
||||
struct dom_sid sid;
|
||||
struct samr_Password mach_pwd;
|
||||
struct netlogon_creds_CredentialState *creds;
|
||||
@ -977,20 +977,11 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
|
||||
goto out;
|
||||
}
|
||||
|
||||
lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers());
|
||||
if (lp_ctx == NULL) {
|
||||
DEBUG(10, ("loadparm_init_s3 failed\n"));
|
||||
status = NT_STATUS_INTERNAL_ERROR;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* Store off the state so we can continue after client disconnect. */
|
||||
become_root();
|
||||
status = schannel_save_creds_state(p->mem_ctx, lp_ctx, creds);
|
||||
unbecome_root();
|
||||
|
||||
talloc_unlink(p->mem_ctx, lp_ctx);
|
||||
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
ZERO_STRUCTP(r->out.return_credentials);
|
||||
goto out;
|
||||
@ -1985,7 +1976,7 @@ NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p,
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct netlogon_creds_CredentialState *creds = NULL;
|
||||
struct loadparm_context *lp_ctx;
|
||||
struct loadparm_context *lp_ctx = p->dce_call->conn->dce_ctx->lp_ctx;
|
||||
|
||||
*r->out.authoritative = true;
|
||||
|
||||
@ -1994,18 +1985,10 @@ NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p,
|
||||
return status;
|
||||
}
|
||||
|
||||
lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers());
|
||||
if (lp_ctx == NULL) {
|
||||
DEBUG(0, ("loadparm_init_s3 failed\n"));
|
||||
return NT_STATUS_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
become_root();
|
||||
status = schannel_get_creds_state(p->mem_ctx, lp_ctx,
|
||||
r->in.computer_name, &creds);
|
||||
unbecome_root();
|
||||
talloc_unlink(p->mem_ctx, lp_ctx);
|
||||
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user