Bug 11037 - Segfault in kerberos_fetch_pac()
Summary: Segfault in kerberos_fetch_pac()
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services (show other bugs)
Version: 4.1.14
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-01-07 16:14 UTC by Andreas Schneider
Modified: 2015-01-16 20:12 UTC (History)
3 users (show)

See Also:


Attachments
v4-2-test patch (2.07 KB, patch)
2015-01-08 09:33 UTC, Andreas Schneider
jra: review+
Details
v4-1-test patch (1.39 KB, patch)
2015-01-08 09:35 UTC, Andreas Schneider
jra: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Schneider 2015-01-07 16:14:19 UTC
kerberos_fetch_pac() can segfault if pac_blob is passed as NULL and then the NULL pointer is dereferenced.
Comment 1 Andreas Schneider 2015-01-08 09:33:12 UTC
Created attachment 10590 [details]
v4-2-test patch
Comment 2 Andreas Schneider 2015-01-08 09:35:56 UTC
Created attachment 10591 [details]
v4-1-test patch

This is a backport, not just a cherry-pick!
Comment 3 Jeremy Allison 2015-01-08 18:04:36 UTC
Comment on attachment 10591 [details]
v4-1-test patch

LGTM.
Comment 4 Jeremy Allison 2015-01-08 18:07:47 UTC
Re-assigning to Karolin for inclusion in 4.1.next, 4.2.0.
Comment 5 Karolin Seeger 2015-01-14 21:02:02 UTC
(In reply to Jeremy Allison from comment #4)
Pushed to autobuild-v4-[1|2]-test.
Comment 6 Karolin Seeger 2015-01-16 20:12:05 UTC
Pushed to both branches.
Closing out bug report.

Thanks!