sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-28 01:58:17 +03:00
Code

CVE-2022-2031 s4:kpasswd: Account for missing target principal

Browse Source 
This field is supposed to be optional.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Joseph Sutton 2022-05-27 19:17:02 +12:00 committed by Jule Anger
parent 2872ccc931
commit b423c370b9
1 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
source4/kdc/kpasswd-service-mit.c
View File

@ -142,16 +142,18 @@ static krb5_error_code kpasswd_set_password(struct kdc_server *kdc,
return KRB5_KPASSWD_HARDERROR; return KRB5_KPASSWD_HARDERROR;
} }
target_realm = smb_krb5_principal_get_realm( if (target_principal != NULL) {
mem_ctx, context, target_principal); target_realm = smb_krb5_principal_get_realm(
code = krb5_unparse_name_flags(context, mem_ctx, context, target_principal);
target_principal, code = krb5_unparse_name_flags(context,
KRB5_PRINCIPAL_UNPARSE_NO_REALM, target_principal,
&target_name); KRB5_PRINCIPAL_UNPARSE_NO_REALM,
if (code != 0) { &target_name);
DBG_WARNING("Failed to parse principal\n"); if (code != 0) {
*error_string = "String conversion failed"; DBG_WARNING("Failed to parse principal\n");
return KRB5_KPASSWD_HARDERROR; *error_string = "String conversion failed";
return KRB5_KPASSWD_HARDERROR;
}
} }
if ((target_name != NULL && target_realm == NULL) || if ((target_name != NULL && target_realm == NULL) ||