The branch, v4-3-test has been updated
via 2b18b8b s3: krb5: keytab - The done label can be jumped to with
context == NULL.
via fd1bccc lib: Fix uninitialized read in msghdr_copy
from 55785c9 VERSION: Bump version up to 4.3.11...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -----------------------------------------------------------------
commit 2b18b8b246dac53ce1946f544043e210e389f60d
Author: Jeremy Allison <[email protected]>
Date: Wed Jun 8 14:50:59 2016 -0700
s3: krb5: keytab - The done label can be jumped to with context == NULL.
Ensure we don't crash in this case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11959
Signed-off-by: Jeremy Allison <[email protected]>
Reviewed-by: Uri Simchoni <[email protected]>
Autobuild-User(master): Uri Simchoni <[email protected]>
Autobuild-Date(master): Thu Jun 9 13:18:56 CEST 2016 on sn-devel-144
(cherry picked from commit e46cb9b835eb8f2bd998def82baf6f07fda9fe5c)
Autobuild-User(v4-3-test): Karolin Seeger <[email protected]>
Autobuild-Date(v4-3-test): Wed Jun 15 15:05:50 CEST 2016 on sn-devel-104
commit fd1bccc9450081d6d121decb965668b848b08342
Author: Jeremy Allison <[email protected]>
Date: Wed Jun 8 14:34:20 2016 +0200
lib: Fix uninitialized read in msghdr_copy
Signed-off-by: Jeremy Allison <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11955
Autobuild-User(master): Volker Lendecke <[email protected]>
Autobuild-Date(master): Wed Jun 8 18:34:27 CEST 2016 on sn-devel-144
(cherry picked from commit 0e2711b2a0adeda6873f9c8161b9b01a56ae7098)
-----------------------------------------------------------------------
Summary of changes:
source3/lib/msghdr.c | 9 ++++++++-
source3/libads/kerberos_keytab.c | 18 ++++++++----------
2 files changed, 16 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/msghdr.c b/source3/lib/msghdr.c
index 2aa2f2e..6917069 100644
--- a/source3/lib/msghdr.c
+++ b/source3/lib/msghdr.c
@@ -204,7 +204,14 @@ ssize_t msghdr_copy(struct msghdr_buf *msg, size_t msgsize,
bufsize = (msgsize > offsetof(struct msghdr_buf, buf)) ?
msgsize - offsetof(struct msghdr_buf, buf) : 0;
- fd_len = msghdr_prep_fds(&msg->msg, msg->buf, bufsize, fds, num_fds);
+ if (msg != NULL) {
+ msg->msg = (struct msghdr) {};
+
+ fd_len = msghdr_prep_fds(&msg->msg, msg->buf, bufsize,
+ fds, num_fds);
+ } else {
+ fd_len = msghdr_prep_fds(NULL, NULL, bufsize, fds, num_fds);
+ }
if (fd_len == -1) {
return -1;
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index 309e614..b47dde6 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -744,26 +744,24 @@ done:
TALLOC_FREE(oldEntries);
TALLOC_FREE(frame);
- {
+ if (context) {
krb5_keytab_entry zero_kt_entry;
+ krb5_kt_cursor zero_csr;
+
ZERO_STRUCT(zero_kt_entry);
+ ZERO_STRUCT(zero_csr);
+
if (memcmp(&zero_kt_entry, &kt_entry,
sizeof(krb5_keytab_entry))) {
smb_krb5_kt_free_entry(context, &kt_entry);
}
- }
- {
- krb5_kt_cursor zero_csr;
- ZERO_STRUCT(zero_csr);
if ((memcmp(&cursor, &zero_csr,
sizeof(krb5_kt_cursor)) != 0) && keytab) {
krb5_kt_end_seq_get(context, keytab, &cursor);
}
- }
- if (keytab) {
- krb5_kt_close(context, keytab);
- }
- if (context) {
+ if (keytab) {
+ krb5_kt_close(context, keytab);
+ }
krb5_free_context(context);
}
return ret;
--
Samba Shared Repository
