sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-28 01:58:17 +03:00
Code

CVE-2022-2031 s4:kpasswd: Account for missing target principal

Browse Source 
This field is supposed to be optional.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Joseph Sutton 2022-05-27 19:17:02 +12:00 committed by Jule Anger
parent 2872ccc931
commit b423c370b9
1 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
source4/kdc/kpasswd-service-mit.c
View File

@ -142,16 +142,18 @@ static krb5_error_code kpasswd_set_password(struct kdc_server *kdc,
return KRB5_KPASSWD_HARDERROR;
}
target_realm = smb_krb5_principal_get_realm(
mem_ctx, context, target_principal);
code = krb5_unparse_name_flags(context,
target_principal,
KRB5_PRINCIPAL_UNPARSE_NO_REALM,
&target_name);
if (code != 0) {
DBG_WARNING("Failed to parse principal\n");
*error_string = "String conversion failed";
return KRB5_KPASSWD_HARDERROR;
if (target_principal != NULL) {
target_realm = smb_krb5_principal_get_realm(
mem_ctx, context, target_principal);
code = krb5_unparse_name_flags(context,
target_principal,
KRB5_PRINCIPAL_UNPARSE_NO_REALM,
&target_name);
if (code != 0) {
DBG_WARNING("Failed to parse principal\n");
*error_string = "String conversion failed";
return KRB5_KPASSWD_HARDERROR;
}
}
if ((target_name != NULL && target_realm == NULL) ||