mirror of
https://github.com/samba-team/samba.git
synced 2025-01-03 01:18:10 +03:00
CVE-2022-38023 s3:rpc_server/netlogon: Avoid unnecessary loadparm_context allocations
After s3 and s4 rpc servers merge the loadparm_context is available in
the dcesrv_context structure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 9 15:17:14 UTC 2023 on sn-devel-184
(cherry picked from commit 56837f3d31
)
Autobuild-User(v4-15-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-15-test): Mon Jan 23 10:01:41 UTC 2023 on sn-devel-184
This commit is contained in:
parent
1e6772da7a
commit
07ba1038cd
@ -859,7 +859,7 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
|
|||||||
* so use a copy to avoid destroying the client values. */
|
* so use a copy to avoid destroying the client values. */
|
||||||
uint32_t in_neg_flags = *r->in.negotiate_flags;
|
uint32_t in_neg_flags = *r->in.negotiate_flags;
|
||||||
const char *fn;
|
const char *fn;
|
||||||
struct loadparm_context *lp_ctx;
|
struct loadparm_context *lp_ctx = p->dce_call->conn->dce_ctx->lp_ctx;
|
||||||
struct dom_sid sid;
|
struct dom_sid sid;
|
||||||
struct samr_Password mach_pwd;
|
struct samr_Password mach_pwd;
|
||||||
struct netlogon_creds_CredentialState *creds;
|
struct netlogon_creds_CredentialState *creds;
|
||||||
@ -977,20 +977,11 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers());
|
|
||||||
if (lp_ctx == NULL) {
|
|
||||||
DEBUG(10, ("loadparm_init_s3 failed\n"));
|
|
||||||
status = NT_STATUS_INTERNAL_ERROR;
|
|
||||||
goto out;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Store off the state so we can continue after client disconnect. */
|
/* Store off the state so we can continue after client disconnect. */
|
||||||
become_root();
|
become_root();
|
||||||
status = schannel_save_creds_state(p->mem_ctx, lp_ctx, creds);
|
status = schannel_save_creds_state(p->mem_ctx, lp_ctx, creds);
|
||||||
unbecome_root();
|
unbecome_root();
|
||||||
|
|
||||||
talloc_unlink(p->mem_ctx, lp_ctx);
|
|
||||||
|
|
||||||
if (!NT_STATUS_IS_OK(status)) {
|
if (!NT_STATUS_IS_OK(status)) {
|
||||||
ZERO_STRUCTP(r->out.return_credentials);
|
ZERO_STRUCTP(r->out.return_credentials);
|
||||||
goto out;
|
goto out;
|
||||||
@ -1985,7 +1976,7 @@ NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p,
|
|||||||
{
|
{
|
||||||
NTSTATUS status;
|
NTSTATUS status;
|
||||||
struct netlogon_creds_CredentialState *creds = NULL;
|
struct netlogon_creds_CredentialState *creds = NULL;
|
||||||
struct loadparm_context *lp_ctx;
|
struct loadparm_context *lp_ctx = p->dce_call->conn->dce_ctx->lp_ctx;
|
||||||
|
|
||||||
*r->out.authoritative = true;
|
*r->out.authoritative = true;
|
||||||
|
|
||||||
@ -1994,18 +1985,10 @@ NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p,
|
|||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers());
|
|
||||||
if (lp_ctx == NULL) {
|
|
||||||
DEBUG(0, ("loadparm_init_s3 failed\n"));
|
|
||||||
return NT_STATUS_INTERNAL_ERROR;
|
|
||||||
}
|
|
||||||
|
|
||||||
become_root();
|
become_root();
|
||||||
status = schannel_get_creds_state(p->mem_ctx, lp_ctx,
|
status = schannel_get_creds_state(p->mem_ctx, lp_ctx,
|
||||||
r->in.computer_name, &creds);
|
r->in.computer_name, &creds);
|
||||||
unbecome_root();
|
unbecome_root();
|
||||||
talloc_unlink(p->mem_ctx, lp_ctx);
|
|
||||||
|
|
||||||
if (!NT_STATUS_IS_OK(status)) {
|
if (!NT_STATUS_IS_OK(status)) {
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user