sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-01 04:58:35 +03:00
Code

CVE-2022-38023 s3:rpc_server/netlogon: Avoid unnecessary loadparm_context allocations

Browse Source 
After s3 and s4 rpc servers merge the loadparm_context is available in
the dcesrv_context structure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan  9 15:17:14 UTC 2023 on sn-devel-184
This commit is contained in:
Samuel Cabrero 2022-12-22 16:32:40 +01:00 committed by Andreas Schneider
parent 02fba22b8c
commit 56837f3d31
1 changed files with 2 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
source3/rpc_server/netlogon/srv_netlog_nt.c
View File

@ -878,7 +878,7 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
* so use a copy to avoid destroying the client values. */
uint32_t in_neg_flags = *r->in.negotiate_flags;
const char *fn;
struct loadparm_context *lp_ctx;
struct loadparm_context *lp_ctx = p->dce_call->conn->dce_ctx->lp_ctx;
struct dom_sid sid;
struct samr_Password mach_pwd;
struct netlogon_creds_CredentialState *creds;
@ -1007,20 +1007,11 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
goto out;
}
lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers());
if (lp_ctx == NULL) {
DEBUG(10, ("loadparm_init_s3 failed\n"));
status = NT_STATUS_INTERNAL_ERROR;
goto out;
}
/* Store off the state so we can continue after client disconnect. */
become_root();
status = schannel_save_creds_state(p->mem_ctx, lp_ctx, creds);
unbecome_root();
talloc_unlink(p->mem_ctx, lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
ZERO_STRUCTP(r->out.return_credentials);
goto out;
@ -2020,7 +2011,7 @@ NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p,
{
NTSTATUS status;
struct netlogon_creds_CredentialState *creds = NULL;
struct loadparm_context *lp_ctx;
struct loadparm_context *lp_ctx = p->dce_call->conn->dce_ctx->lp_ctx;
*r->out.authoritative = true;
@ -2029,18 +2020,10 @@ NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p,
return status;
}
lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers());
if (lp_ctx == NULL) {
DEBUG(0, ("loadparm_init_s3 failed\n"));
return NT_STATUS_INTERNAL_ERROR;
}
become_root();
status = schannel_get_creds_state(p->mem_ctx, lp_ctx,
r->in.computer_name, &creds);
unbecome_root();
talloc_unlink(p->mem_ctx, lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
return status;
}