From 90a1529baca070ef7a15c7f88baf59ce648dd367 Mon Sep 17 00:00:00 2001 From: Noel Power Date: Thu, 22 Oct 2015 12:37:17 +0100 Subject: [PATCH] Prevent null ptr access by returning error if no creds available Prevent rpccli_netlogon_network_logon/rpccli_netlogon_password_logon being called with 'NULL' credentials Signed-off-by: Noel Power --- source3/rpcclient/cmd_netlogon.c | 5 +++++ source3/winbindd/winbindd_pam.c | 6 ++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c index 2d1c351..ea63602 100644 --- a/source3/rpcclient/cmd_netlogon.c +++ b/source3/rpcclient/cmd_netlogon.c @@ -800,6 +800,11 @@ static NTSTATUS cmd_netlogon_sam_logon(struct rpc_pipe_client *cli, if (argc == 6) sscanf(argv[5], "%x", &logon_param); + if (rpcclient_netlogon_creds == NULL) { + result = NT_STATUS_UNSUCCESSFUL; + goto done; + } + /* Perform the sam logon */ result = rpccli_netlogon_password_logon(rpcclient_netlogon_creds, diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index bed2220..2dd277a 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -1367,8 +1367,10 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, return result; } netr_attempts = 0; - - if (interactive && username != NULL && password != NULL) { + if (!domain->conn.netlogon_creds) { + DEBUG(3, ("No security credentials available.\n")); + result = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } else if (interactive && username != NULL && password != NULL) { result = rpccli_netlogon_password_logon(domain->conn.netlogon_creds, netlogon_pipe->binding_handle, mem_ctx, -- 1.8.5.6