commit 43c841b6bd92e987109df81b6b8a2b85f21b0181 Author: Volker Lendecke <vl@samba.org> Date: Sat Jan 9 20:22:00 2010 +0100 s3: Fix a segfault in winbindd_dual_ccache_ntlm_auth() ntlmssp_update allocates the reply_blob as a child of ntlmssp_state. This means with ntlmss_end() it will be gone. winbindd_dual_ccache_ntlm_auth used the blob after the ntlmssp_end().
Created attachment 5157 [details] git-am patch for 3.5.0.
Created attachment 5158 [details] git-am format patch for 3.4.5.
Created attachment 5159 [details] git-am format patch for 3.3.10
Comment on attachment 5159 [details] git-am format patch for 3.3.10 Scratch the patches for 3.4.x and 3.3.x. The msrpc_parse code is different there and doesn't use ntlmssp_state as the talloc patent of the reply_blob. This is why he have not yet seen crashes in 3.4.x or 3.3.x. Patch is still needed for 3.5.0 though. Jeremy.
Comment on attachment 5158 [details] git-am format patch for 3.4.5. Scratch the patches for 3.4.x and 3.3.x. The msrpc_parse code is different there and doesn't use ntlmssp_state as the talloc patent of the reply_blob. This is why he have not yet seen crashes in 3.4.x or 3.3.x. Patch is still needed for 3.5.0 though. Jeremy.
Comment on attachment 5157 [details] git-am patch for 3.5.0. A bit pointless to review given the authorship of this patch :-)
Karolin, this needs to go into 3.5.0. Thanks, Volker
Pushed to v3-5-test. Closing out bug report. Thanks!