mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
auth-kerberos: avoid crash with MIT krb5 1.10.0 in gss_get_name_attribute()
gss_get_name_attribute() can return unintialized pac_display_buffer and later gss_release_buffer() will crash on attempting to release it. The fix on MIT krb5 side is in 1.10.1, reported in both Debian and MIT upstream: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658514 http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=7087 We need to initialize variables before using gss_get_name_attribute() Autobuild-User: Alexander Bokovoy <ab@samba.org> Autobuild-Date: Wed Jun 6 18:22:51 CEST 2012 on sn-devel-104
This commit is contained in:
parent
f3df2988ba
commit
238d24af4e
@ -80,8 +80,24 @@ NTSTATUS gssapi_obtain_pac_blob(TALLOC_CTX *mem_ctx,
|
||||
NTSTATUS status;
|
||||
OM_uint32 gss_maj, gss_min;
|
||||
#ifdef HAVE_GSS_GET_NAME_ATTRIBUTE
|
||||
gss_buffer_desc pac_buffer;
|
||||
gss_buffer_desc pac_display_buffer;
|
||||
/*
|
||||
* gss_get_name_attribute() in MIT krb5 1.10.0 can return unintialized pac_display_buffer
|
||||
* and later gss_release_buffer() will crash on attempting to release it.
|
||||
*
|
||||
* So always initialize the buffer descriptors.
|
||||
*
|
||||
* See following links for more details:
|
||||
* http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658514
|
||||
* http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=7087
|
||||
*/
|
||||
gss_buffer_desc pac_buffer = {
|
||||
.value = NULL,
|
||||
.length = 0
|
||||
};
|
||||
gss_buffer_desc pac_display_buffer = {
|
||||
.value = NULL,
|
||||
.length = 0
|
||||
};
|
||||
gss_buffer_desc pac_name = {
|
||||
.value = discard_const("urn:mspac:"),
|
||||
.length = sizeof("urn:mspac:")-1
|
||||
|
Loading…
Reference in New Issue
Block a user