From e53b095c1ad558b28e6aeed135e0d63e0cf7d628 Mon Sep 17 00:00:00 2001
From: Noel Power <noel.power@suse.com>
Date: Thu, 22 Oct 2015 12:37:17 +0100
Subject: [PATCH 1/2] Prevent null ptr access by returning error if no creds
 available

Prevent rpccli_netlogon_network_logon/rpccli_netlogon_password_logon
being called with 'NULL' credentials

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11569
Signed-off-by: Noel Power <noel.power@suse.com>
---
 source3/winbindd/winbindd_pam.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index bed2220..a09143f 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -1367,8 +1367,11 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain,
 			return result;
 		}
 		netr_attempts = 0;
-
-		if (interactive && username != NULL && password != NULL) {
+		if (domain->conn.netlogon_creds == NULL) {
+			DEBUG(3, ("No security credentials available for "
+				  "domain [%s]\n", domainname));
+			result = NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
+		} else if (interactive && username != NULL && password != NULL) {
 			result = rpccli_netlogon_password_logon(domain->conn.netlogon_creds,
 								netlogon_pipe->binding_handle,
 								mem_ctx,
-- 
2.1.4