The Samba-Bugzilla – Attachment 9603 Details for
Bug 10320
smbpasswd crashes on invalid input.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am fix for 4.1.x
0001-s3-smbpasswd-fix-crashes-on-invalid-input.patch (text/plain), 3.58 KB, created by
Jeremy Allison
on 2014-01-17 22:09:15 UTC
(
hide
)
Description:
git-am fix for 4.1.x
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2014-01-17 22:09:15 UTC
Size:
3.58 KB
patch
obsolete
>From 3744d3fb132dde6fd21266e708db687d72d8f091 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Fri, 17 Jan 2014 14:04:16 -0800 >Subject: [PATCH] s3: smbpasswd - fix crashes on invalid input. > >get_pass can return NULL on error. Ensure that >this is always the case and fix all callers to cope >(some already did). > >Reported by Joonas Kuorilehto <joneskoo@codenomicon.com> > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=10320 > >Signed-off-by: Jeremy Allison <jra@samba.org> >Reviewed-by: Volker Lendecke <vl@samba.org> > >Autobuild-User(master): Volker Lendecke <vl@samba.org> >Autobuild-Date(master): Mon Dec 16 15:17:58 CET 2013 on sn-devel-104 > >(cherry picked from commit ef5a3bedab74420baf0c653cf8e304fe6c2a13b4) >--- > source3/utils/net.c | 5 +++++ > source3/utils/passwd_util.c | 14 +++++++++----- > source3/utils/smbpasswd.c | 14 ++++++++++++++ > 3 files changed, 28 insertions(+), 5 deletions(-) > >diff --git a/source3/utils/net.c b/source3/utils/net.c >index 3473641..1308d94 100644 >--- a/source3/utils/net.c >+++ b/source3/utils/net.c >@@ -105,6 +105,11 @@ static int net_changesecretpw(struct net_context *c, int argc, > } > > trust_pw = get_pass(_("Enter machine password: "), c->opt_stdin); >+ if (trust_pw == NULL) { >+ d_fprintf(stderr, >+ _("Error in reading machine password\n")); >+ return 1; >+ } > > if (!secrets_store_machine_password(trust_pw, lp_workgroup(), sec_channel_type)) { > d_fprintf(stderr, >diff --git a/source3/utils/passwd_util.c b/source3/utils/passwd_util.c >index 5716c17..4884d63 100644 >--- a/source3/utils/passwd_util.c >+++ b/source3/utils/passwd_util.c >@@ -42,11 +42,12 @@ char *stdin_new_passwd( void) > * the newline that ends the password, then replace the newline with > * a null terminator. > */ >- if ( fgets(new_pw, sizeof(new_pw), stdin) != NULL) { >- if ((len = strlen(new_pw)) > 0) { >- if(new_pw[len-1] == '\n') >- new_pw[len - 1] = 0; >- } >+ if ( fgets(new_pw, sizeof(new_pw), stdin) == NULL) { >+ return NULL; >+ } >+ if ((len = strlen(new_pw)) > 0) { >+ if(new_pw[len-1] == '\n') >+ new_pw[len - 1] = 0; > } > return(new_pw); > } >@@ -64,6 +65,9 @@ char *get_pass( const char *prompt, bool stdin_get) > > if (stdin_get) { > p = stdin_new_passwd(); >+ if (p == NULL) { >+ return NULL; >+ } > } else { > rc = samba_getpass(prompt, pwd, sizeof(pwd), false, false); > if (rc < 0) { >diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c >index d93261e..67780ff 100644 >--- a/source3/utils/smbpasswd.c >+++ b/source3/utils/smbpasswd.c >@@ -217,11 +217,17 @@ static char *prompt_for_new_password(bool stdin_get) > ZERO_ARRAY(new_pw); > > p = get_pass("New SMB password:", stdin_get); >+ if (p == NULL) { >+ return NULL; >+ } > > fstrcpy(new_pw, p); > SAFE_FREE(p); > > p = get_pass("Retype new SMB password:", stdin_get); >+ if (p == NULL) { >+ return NULL; >+ } > > if (strcmp(p, new_pw)) { > fprintf(stderr, "Mismatch - password unchanged.\n"); >@@ -311,6 +317,10 @@ static int process_root(int local_flags) > printf("Setting stored password for \"%s\" in secrets.tdb\n", ldap_admin_dn); > if ( ! *ldap_secret ) { > new_passwd = prompt_for_new_password(stdin_passwd_get); >+ if (new_passwd == NULL) { >+ fprintf(stderr, "Failed to read new password!\n"); >+ exit(1); >+ } > fstrcpy(ldap_secret, new_passwd); > } > if (!store_ldap_admin_pw(ldap_secret)) { >@@ -538,6 +548,10 @@ static int process_nonroot(int local_flags) > > if (remote_machine != NULL) { > old_pw = get_pass("Old SMB password:",stdin_passwd_get); >+ if (old_pw == NULL) { >+ fprintf(stderr, "Unable to get old password.\n"); >+ exit(1); >+ } > } > > if (!new_passwd) { >-- >1.8.5.2 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=9603">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 10320
:
9524
|
9531
| 9603