diff --git a/lib/util/data_blob.c b/lib/util/data_blob.c index e528eb093a0..77b077f7ef9 100644 --- a/lib/util/data_blob.c +++ b/lib/util/data_blob.c @@ -245,3 +245,24 @@ _PUBLIC_ bool data_blob_append(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, return true; } +/** + pad the length of a data blob to a multiple of + 'pad'. 'pad' must be a power of two. +**/ +_PUBLIC_ bool data_blob_pad(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, + size_t pad) +{ + size_t old_len = blob->length; + size_t new_len = (old_len + pad - 1) & ~(pad - 1); + + if (new_len < old_len) { + return false; + } + + if (!data_blob_realloc(mem_ctx, blob, new_len)) { + return false; + } + + memset(blob->data + old_len, 0, new_len - old_len); + return true; +} diff --git a/lib/util/data_blob.h b/lib/util/data_blob.h index 799e9531cbd..7a0dc3b0014 100644 --- a/lib/util/data_blob.h +++ b/lib/util/data_blob.h @@ -126,6 +126,13 @@ _PUBLIC_ bool data_blob_realloc(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, size_t len _PUBLIC_ bool data_blob_append(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, const void *p, size_t length); +/** + pad the length of a data blob to a multiple of + 'pad'. 'pad' must be a power of two. +**/ +_PUBLIC_ bool data_blob_pad(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, + size_t pad); + extern const DATA_BLOB data_blob_null; #endif /* _SAMBA_DATABLOB_H_ */ diff --git a/selftest/knownfail_heimdal_kdc b/selftest/knownfail_heimdal_kdc index 62194b66f3a..a8810abcf8f 100644 --- a/selftest/knownfail_heimdal_kdc +++ b/selftest/knownfail_heimdal_kdc @@ -98,17 +98,3 @@ ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_fast_service_ticket ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_fast_sid_mismatch_existing ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_fast_sid_mismatch_nonexisting -# -# PAC alignment tests -# -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_7_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_8_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_9_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_11_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_12_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_13_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_15_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_16_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_17_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_19_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_20_chars diff --git a/selftest/knownfail_mit_kdc b/selftest/knownfail_mit_kdc index b4306940bec..79c1219e2d5 100644 --- a/selftest/knownfail_mit_kdc +++ b/selftest/knownfail_mit_kdc @@ -548,17 +548,3 @@ samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_ ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_tgs_rodc_logon_info_sid_mismatch_nonexisting ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_tgs_rodc_requester_sid_mismatch_existing ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_tgs_rodc_requester_sid_mismatch_nonexisting -# -# PAC alignment tests -# -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_7_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_8_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_9_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_11_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_12_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_13_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_15_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_16_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_17_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_19_chars -^samba.tests.krb5.pac_align_tests.samba.tests.krb5.pac_align_tests.PacAlignTests.test_pac_align_20_chars diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index 4c91fe57081..10831671fac 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -109,6 +109,7 @@ NTSTATUS samba_get_upn_info_pac_blob(TALLOC_CTX *mem_ctx, union PAC_INFO pac_upn; enum ndr_err_code ndr_err; NTSTATUS nt_status; + bool ok; ZERO_STRUCT(pac_upn); @@ -142,6 +143,11 @@ NTSTATUS samba_get_upn_info_pac_blob(TALLOC_CTX *mem_ctx, return nt_status; } + ok = data_blob_pad(mem_ctx, upn_data, 8); + if (!ok) { + return NT_STATUS_NO_MEMORY; + } + return NT_STATUS_OK; }