Bug 15300 - client might cause (Samba AD DC) Heimdal KDC to strchr() beyond the end of a string
Summary: client might cause (Samba AD DC) Heimdal KDC to strchr() beyond the end of a ...
Status: RESOLVED WONTFIX
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.18.0rc2
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-02-07 04:10 UTC by Andrew Bartlett
Modified: 2023-08-02 21:17 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Bartlett 2023-02-07 04:10:29 UTC
An un-authenticated NULL pointer de-reference can be triggered in the Heimdal KDC.

Samba's KDC should auto-restart, but this still needs to be fixed and backported.
Comment 2 Andrew Bartlett 2023-02-07 04:24:16 UTC
At least for this particular codepath, perhaps due to how Samba as an AD DC handles referrals, I can't reproduce this issue.
Comment 3 Andrew Bartlett 2023-08-02 21:17:57 UTC
Marking as WONTFIX, but we will have imported this commit for Samba 4.19 in any case with the Heimdal updates.