The Samba-Bugzilla – Attachment 14626 Details for
Bug 13571
[SECURITY] CVE-2018-16853 S4U2Self crash with MIT KDC build
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
fix asn1 crash
asn1_crash.patch.txt (text/plain), 1.31 KB, created by
Isaac Boukris
on 2018-11-07 21:15:55 UTC
(
hide
)
Description:
fix asn1 crash
Filename:
MIME Type:
Creator:
Isaac Boukris
Created:
2018-11-07 21:15:55 UTC
Size:
1.31 KB
patch
obsolete
>From 41380894077b57116efb98736b7fb0af7480b38f Mon Sep 17 00:00:00 2001 >From: Isaac Boukris <iboukris@gmail.com> >Date: Wed, 7 Nov 2018 22:53:35 +0200 >Subject: [PATCH] mit-kdc: fix crash in expired passowrd case > >When calling encode_krb5_padata_sequence() make sure to >pass a null terminated array as required. > >Fixes expired passowrd case in samba4.blackbox.kinit test. > >Signed-off-by: Isaac Boukris <iboukris@gmail.com> >--- > source4/kdc/mit_samba.c | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > >diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c >index 414e67c6a98..eacca0903ec 100644 >--- a/source4/kdc/mit_samba.c >+++ b/source4/kdc/mit_samba.c >@@ -865,7 +865,7 @@ krb5_error_code encode_krb5_padata_sequence(krb5_pa_data *const *rep, krb5_data > static void samba_kdc_build_edata_reply(NTSTATUS nt_status, DATA_BLOB *e_data) > { > krb5_error_code ret = 0; >- krb5_pa_data pa, *ppa = NULL; >+ krb5_pa_data pa, *ppa[2]; > krb5_data *d = NULL; > > if (!e_data) >@@ -886,9 +886,10 @@ static void samba_kdc_build_edata_reply(NTSTATUS nt_status, DATA_BLOB *e_data) > SIVAL(pa.contents, 4, 0); > SIVAL(pa.contents, 8, 1); > >- ppa = &pa; >+ ppa[0] = &pa; >+ ppa[1] = NULL; > >- ret = encode_krb5_padata_sequence(&ppa, &d); >+ ret = encode_krb5_padata_sequence(ppa, &d); > free(pa.contents); > if (ret) { > return; >-- >2.14.3 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
asn
:
review+
Actions:
View
Attachments on
bug 13571
:
14431
|
14432
|
14451
|
14626
|
14676
|
14677
|
14678
|
14679