1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-21 09:34:19 +03:00

CVE-2022-38023 s3:rpc_server/netlogon: Avoid unnecessary loadparm_context allocations

After s3 and s4 rpc servers merge the loadparm_context is available in
the dcesrv_context structure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan  9 15:17:14 UTC 2023 on sn-devel-184

(cherry picked from commit 56837f3d31)

Autobuild-User(v4-15-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-15-test): Mon Jan 23 10:01:41 UTC 2023 on sn-devel-184
This commit is contained in:
Samuel Cabrero 2022-12-22 16:32:40 +01:00 committed by Jule Anger
parent 1e6772da7a
commit 07ba1038cd

View File

@ -859,7 +859,7 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
* so use a copy to avoid destroying the client values. */
uint32_t in_neg_flags = *r->in.negotiate_flags;
const char *fn;
struct loadparm_context *lp_ctx;
struct loadparm_context *lp_ctx = p->dce_call->conn->dce_ctx->lp_ctx;
struct dom_sid sid;
struct samr_Password mach_pwd;
struct netlogon_creds_CredentialState *creds;
@ -977,20 +977,11 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
goto out;
}
lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers());
if (lp_ctx == NULL) {
DEBUG(10, ("loadparm_init_s3 failed\n"));
status = NT_STATUS_INTERNAL_ERROR;
goto out;
}
/* Store off the state so we can continue after client disconnect. */
become_root();
status = schannel_save_creds_state(p->mem_ctx, lp_ctx, creds);
unbecome_root();
talloc_unlink(p->mem_ctx, lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
ZERO_STRUCTP(r->out.return_credentials);
goto out;
@ -1985,7 +1976,7 @@ NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p,
{
NTSTATUS status;
struct netlogon_creds_CredentialState *creds = NULL;
struct loadparm_context *lp_ctx;
struct loadparm_context *lp_ctx = p->dce_call->conn->dce_ctx->lp_ctx;
*r->out.authoritative = true;
@ -1994,18 +1985,10 @@ NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p,
return status;
}
lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers());
if (lp_ctx == NULL) {
DEBUG(0, ("loadparm_init_s3 failed\n"));
return NT_STATUS_INTERNAL_ERROR;
}
become_root();
status = schannel_get_creds_state(p->mem_ctx, lp_ctx,
r->in.computer_name, &creds);
unbecome_root();
talloc_unlink(p->mem_ctx, lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
return status;
}