[SCM] Samba Shared Repository - branch master updated

Andrew Bartlett abartlet at samba.org
Fri Jul 13 02:05:03 MDT 2012


The branch, master has been updated
       via  10b818b s3-auth_samba4: Explain that check_samba4_security is actually unused
       via  1013fab lib/util: Allocate enough space to reference blob->data[len]
      from  15fedb3 s3-auth Remove unused global_machine_account_needs_changing

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 10b818bb222aaec4de2c31594e5ca48102f7af6a
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Fri Jul 13 15:51:49 2012 +1000

    s3-auth_samba4: Explain that check_samba4_security is actually unused
    
    Because of the evolution in the way the auth handling has been done, we do not
    need this code any more.  Raw NTLM Session setup & X is done via the auth4 context
    which returns a full session info.
    
    Andrew Bartlett
    
    Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
    Autobuild-Date(master): Fri Jul 13 10:04:05 CEST 2012 on sn-devel-104

commit 1013fab5f82f283335a5d8cbb1bfde8a80d7979c
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Fri Jul 13 15:42:08 2012 +1000

    lib/util: Allocate enough space to reference blob->data[len]
    
    Found by Thomas Hood <jdthood at gmail.com> using valgrind.
    
    Thanks!
    
    Andrew Bartlett

-----------------------------------------------------------------------

Summary of changes:
 lib/util/asn1.c            |    6 +++---
 source3/auth/auth_samba4.c |   10 ++++++++++
 2 files changed, 13 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/util/asn1.c b/lib/util/asn1.c
index c23bf65..70637a3 100644
--- a/lib/util/asn1.c
+++ b/lib/util/asn1.c
@@ -844,7 +844,7 @@ bool asn1_read_OctetString(struct asn1_data *data, TALLOC_CTX *mem_ctx, DATA_BLO
 		return false;
 	}
 	*blob = data_blob_talloc(mem_ctx, NULL, len+1);
-	if (!blob->data) {
+	if (!blob->data || blob->length < len) {
 		data->has_error = true;
 		return false;
 	}
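Review bot: the added test `blob->length < len` in asn1_read_OctetString is weaker than the allocation request on the line above it. The request is for len+1 bytes and the commit's stated purpose is to make blob->data[len] addressable, so a blob whose length is exactly len would pass this check while data[len] is still out of bounds. Compare against the size that was actually requested, for example `blob->length < len+1`, and if len comes from the encoded length field, reject a value for which len+1 would wrap before calling data_blob_talloc.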
@@ -927,8 +927,8 @@ bool asn1_read_BitString(struct asn1_data *data, TALLOC_CTX *mem_ctx, DATA_BLOB
 	}
 	if (!asn1_read_uint8(data, padding)) return false;
 
-	*blob = data_blob_talloc(mem_ctx, NULL, len);
-	if (!blob->data) {
+	*blob = data_blob_talloc(mem_ctx, NULL, len+1);
+	if (!blob->data || blob->length < len) {
 		data->has_error = true;
 		return false;
 	}
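Review bot: the switch from `len` to `len+1` in the asn1_read_BitString allocation carries no comment saying what the extra byte is for, and nothing visible in this hunk sets blob->length back to len afterwards. Add a short comment at the data_blob_talloc call explaining that the extra byte exists so blob->data[len] can be referenced, and confirm that callers end up seeing a length of len rather than len+1, otherwise the spare byte becomes part of the returned bit string. The `blob->length < len` test also accepts a blob of exactly len bytes, which does not cover data[len].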
diff --git a/source3/auth/auth_samba4.c b/source3/auth/auth_samba4.c
index ff73ffb..6093de4 100644
--- a/source3/auth/auth_samba4.c
+++ b/source3/auth/auth_samba4.c
@@ -31,6 +31,16 @@
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
 
+/* 
+ * This hook is currently unused, as all NTLM logins go via the hooks
+ * provided by make_auth4_context_s4() below.
+ *
+ * This is only left in case we find a way that it might become useful
+ * in future.  Importantly, this routine returns the information
+ * needed for a NETLOGON SamLogon, not what is needed to establish a
+ * session.
+ */
+
 static NTSTATUS check_samba4_security(const struct auth_context *auth_context,
 				      void *my_private_data,
 				      TALLOC_CTX *mem_ctx,
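Review bot: the opening line of the new comment above check_samba4_security, `/* `, ends in trailing whitespace, and the blank line added after the closing `*/` detaches the comment from the function it documents; drop both. On content, "currently unused" is easy to let go stale: if the hook is still registered somewhere, say so and name the condition under which it could still be reached, so a later reader can tell whether the function is dead code or a dormant path that returns SamLogon information rather than session information.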


-- 
Samba Shared Repository

