sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-06 13:18:07 +03:00
Code
585df7e022
samba-mirror/source4/auth/ntlm
History
Stefan Metzmacher a1136ed2e0 CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting() 
This fixes a use after free problem introduced by
commit 7b8e32efc3,
which has msg = current; which means the lifetime
of the 'msg' memory is no longer in the scope of th
caller.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15253

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 1414269dcc)

Autobuild-User(v4-16-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-16-test): Mon Dec 12 15:52:22 UTC 2022 on sn-devel-184
2022-12-12 15:52:22 +00:00
..
auth_anonymous.c auth4: Make auth_anonymous pseudo-async 2021-04-16 09:38:35 +00:00
auth_developer.c CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info 2022-07-24 09:23:56 +02:00
auth_sam.c CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting() 2022-12-12 15:52:22 +00:00
auth_server_service.c auth: Use DBGC_AUTH as DBGC_CLASS for AD DC NTLM auth code. 2018-05-21 23:48:18 +02:00
auth_simple.c s4:auth: let authenticate_ldap_simple_bind() pass down the mapped nt4names 2022-03-16 14:40:08 +00:00
auth_util.c s4:auth: encrypt_user_info() should set password_state instead of mapped_state 2022-03-16 13:41:14 +00:00
auth_winbind.c CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting() 2022-12-12 15:52:22 +00:00
auth.c s4:auth: check for user_info->mapped.account_name if it needs to be filled 2022-03-16 13:41:14 +00:00
wscript_build auth4: Remove unused auth_unix 2021-04-19 07:07:01 +00:00