sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-18 06:04:06 +03:00
Code

librpc/rpc: ignore invalid auth_pad_length values in BIND, ALTER and AUTH3 pdus

Browse Source 
This is a workarround for a bug in old Samba releases.
For BIND_ACK <= 3.5.x and for ALTER_RESP <= 4.2.x (see bug #11061).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11982

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit aef032302863e5f3a888dbf4c52b21d561a0dff4)
This commit is contained in:
Stefan Metzmacher 2016-06-20 16:26:56 +02:00 committed by Karolin Seeger
parent 00e571f94b
commit 85b9f97ee1
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
librpc/rpc/dcerpc_util.c
View File

@ -194,6 +194,22 @@ NTSTATUS dcerpc_pull_auth_trailer(const struct ncacn_packet *pkt,
return NT_STATUS_RPC_PROTOCOL_ERROR;
}
/*
* This is a workarround for a bug in old
* Samba releases. For BIND_ACK <= 3.5.x
* and for ALTER_RESP <= 4.2.x (see bug #11061)
*
* See also bug #11982.
*/
if (auth_data_only && data_and_pad == 0 &&
auth->auth_pad_length > 0) {
/*
* we need to ignore invalid auth_pad_length
* values for BIND_*, ALTER_* and AUTH3 pdus.
*/
auth->auth_pad_length = 0;
}
if (data_and_pad < auth->auth_pad_length) {
DEBUG(1, (__location__ ": ERROR: pad length mismatch. "
"Calculated %u got %u\n",