The branch, master has been updated
       via  10b818b s3-auth_samba4: Explain that check_samba4_security is actually unused
       via  1013fab lib/util: Allocate enough space to reference blob->data[len]
      from  15fedb3 s3-auth Remove unused global_machine_account_needs_changing

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 10b818bb222aaec4de2c31594e5ca48102f7af6a
Author: Andrew Bartlett <[email protected]>
Date:   Fri Jul 13 15:51:49 2012 +1000

    s3-auth_samba4: Explain that check_samba4_security is actually unused
    
    Because of the evolution in the way the auth handling has been done, we do not
    need this code any more.  Raw NTLM Session setup & X is done via the auth4 context
    which returns a full session info.
    
    Andrew Bartlett
    
    Autobuild-User(master): Andrew Bartlett <[email protected]>
    Autobuild-Date(master): Fri Jul 13 10:04:05 CEST 2012 on sn-devel-104

commit 1013fab5f82f283335a5d8cbb1bfde8a80d7979c
Author: Andrew Bartlett <[email protected]>
Date:   Fri Jul 13 15:42:08 2012 +1000

    lib/util: Allocate enough space to reference blob->data[len]
    
    Found by Thomas Hood <[email protected]> using valgrind.
    
    Thanks!
    
    Andrew Bartlett

-----------------------------------------------------------------------

Summary of changes:
 lib/util/asn1.c            |    6 +++---
 source3/auth/auth_samba4.c |   10 ++++++++++
 2 files changed, 13 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/util/asn1.c b/lib/util/asn1.c
index c23bf65..70637a3 100644
--- a/lib/util/asn1.c
+++ b/lib/util/asn1.c
@@ -844,7 +844,7 @@ bool asn1_read_OctetString(struct asn1_data *data, 
TALLOC_CTX *mem_ctx, DATA_BLO
                return false;
        }
        *blob = data_blob_talloc(mem_ctx, NULL, len+1);
-       if (!blob->data) {
+       if (!blob->data || blob->length < len) {
                data->has_error = true;
                return false;
        }
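
Review bot: The added `blob->length < len` test in asn1_read_OctetString has no comment saying which case it covers. The request is for `len+1` bytes, so on a successful allocation the length should already exceed `len`; if the intent is to catch `len+1` wrapping, say so in a comment, or reject an oversized `len` before the addition so the check does not depend on what data_blob_talloc() does with a wrapped size.
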
@@ -927,8 +927,8 @@ bool asn1_read_BitString(struct asn1_data *data, TALLOC_CTX 
*mem_ctx, DATA_BLOB
        }
        if (!asn1_read_uint8(data, padding)) return false;
 
-       *blob = data_blob_talloc(mem_ctx, NULL, len);
-       if (!blob->data) {
+       *blob = data_blob_talloc(mem_ctx, NULL, len+1);
+       if (!blob->data || blob->length < len) {
                data->has_error = true;
                return false;
        }
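
Review bot: Nothing in this hunk of asn1_read_BitString sets `blob->length` back to `len` after the allocation grows to `len+1`, so callers may see a bit string one byte longer than before. Please confirm that the code following this hunk trims the length and initialises `blob->data[len]`, and add a short comment on the `+1`, since the same pattern now appears in both readers.
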
diff --git a/source3/auth/auth_samba4.c b/source3/auth/auth_samba4.c
index ff73ffb..6093de4 100644
--- a/source3/auth/auth_samba4.c
+++ b/source3/auth/auth_samba4.c
@@ -31,6 +31,16 @@
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
 
+/* 
+ * This hook is currently unused, as all NTLM logins go via the hooks
+ * provided by make_auth4_context_s4() below.
+ *
+ * This is only left in case we find a way that it might become useful
+ * in future.  Importantly, this routine returns the information
+ * needed for a NETLOGON SamLogon, not what is needed to establish a
+ * session.
+ */
+
 static NTSTATUS check_samba4_security(const struct auth_context *auth_context,
                                      void *my_private_data,
                                      TALLOC_CTX *mem_ctx,
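
Review bot: The first added line, `/* `, carries trailing whitespace, and the blank `+` line after `*/` detaches the comment from check_samba4_security, the function it documents; drop both. Since the comment says the hook is currently unused, it would also help to state what still references the static function, or to remove it if nothing does.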


-- 
Samba Shared Repository
