From 4d83290571ce898d858e044cab161b6a10fe54aa Mon Sep 17 00:00:00 2001
From: Noel Power <noel.power@suse.com>
Date: Thu, 22 Oct 2015 12:37:17 +0100
Subject: [PATCH 2/2] s3: winbind: Prevent null ptr access by returning error
 if no creds available

Prevent rpccli_netlogon_network_logon/rpccli_netlogon_password_logon
being called with 'NULL' credentials

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11569

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit e8fab02773892812f563eea7098847618df76e1b)
---
 source3/winbindd/winbindd_pam.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index bed2220..75a8201 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -1367,8 +1367,11 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain,
 			return result;
 		}
 		netr_attempts = 0;
-
-		if (interactive && username != NULL && password != NULL) {
+		if (domain->conn.netlogon_creds == NULL) {
+			DBG_NOTICE("No security credentials available for "
+				  "domain [%s]\n", domainname);
+			result = NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
+		} else if (interactive && username != NULL && password != NULL) {
 			result = rpccli_netlogon_password_logon(domain->conn.netlogon_creds,
 								netlogon_pipe->binding_handle,
 								mem_ctx,
-- 
2.1.4