mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/source4/auth
Stefan Metzmacher a1136ed2e0 CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting()
This fixes a use after free problem introduced by
commit 7b8e32efc3,
which has msg = current; which means the lifetime
of the 'msg' memory is no longer in the scope of the
caller.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15253

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 1414269dcc)

Autobuild-User(v4-16-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-16-test): Mon Dec 12 15:52:22 UTC 2022 on sn-devel-184
2022-12-12 15:52:22 +00:00
..
gensec CVE-2022-2031 gensec_krb5: Add helper function to check if client sent an initial ticket 2022-07-24 09:23:55 +02:00
kerberos CVE-2022-2031 s4:auth: Use PAC to determine whether ticket is a TGT 2022-07-24 09:23:56 +02:00
ntlm CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting() 2022-12-12 15:52:22 +00:00
tests CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting() 2022-12-12 15:52:22 +00:00
auth.h CVE-2020-25719 CVE-2020-25717: s4:auth: remove unused auth_generate_session_info_principal() 2021-11-09 19:45:33 +00:00
pyauth.c pyauth: add python binding for auth_session_info_set_unix() 2020-06-05 10:32:31 +00:00
pyauth.h
sam.c CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting() 2022-12-12 15:52:22 +00:00
samba_server_gensec.c s4:auth: use talloc_reparent() in samba_server_gensec_krb5_start() 2017-05-30 08:06:07 +02:00
session.c CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info 2022-07-24 09:23:56 +02:00
session.h
system_session.c CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info 2022-07-24 09:23:56 +02:00
unix_token.c s4-auth/unix_token: add new function auth_session_info_set_unix() 2020-06-05 10:32:31 +00:00
wscript_build samba: tag release samba-4.16.6 2022-10-25 11:55:25 +02:00
wscript_configure s4:auth/gensec: remove unused and untested cyrus_sasl module 2015-06-23 22:12:08 +02:00