1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

s4:drsuapi RPC server - check for the "SPN" attribute != NULL

The SPN attribute could derive from an untrusted source (client).

Reviewed-by: Jelmer
This commit is contained in:
Matthias Dieter Wallnöfer 2011-03-01 13:03:59 +01:00
parent 0e68867b26
commit fecf925043

View File

@ -59,6 +59,12 @@ static bool writespn_check_spn(struct drsuapi_bind_state *b_state,
krb5_principal principal; krb5_principal principal;
const char *dns_name, *dnsHostName; const char *dns_name, *dnsHostName;
/* The service principal name shouldn't be NULL */
if (spn == NULL) {
talloc_free(tmp_ctx);
return false;
}
/* /*
get the objectSid of the DN that is being modified, and get the objectSid of the DN that is being modified, and
check it matches the user_sid in their token check it matches the user_sid in their token