[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Sep 27 14:30:02 CEST 2013
The branch, master has been updated
via 6bf9a77 Stop use after free
from 89200c2 dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 6bf9a774718917c3429fa1492f5b0268ae5e01c3
Author: Alistair Leslie-Hughes <leslie_alistair at hotmail.com>
Date: Fri Sep 27 08:31:00 2013 +1000
Stop use after free
Fixes bug #10087
Thanks to Man Min Yan for their analysis and providing a solution to the issue.
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Sep 27 14:29:46 CEST 2013 on sn-devel-104
-----------------------------------------------------------------------
Summary of changes:
source3/utils/ntlm_auth.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 8d55629..1df615c 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -1678,7 +1678,11 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
} else {
reply_code = "AF";
- reply_arg = session_info->unix_info->unix_name;
+ reply_arg = talloc_strdup(state->gensec_state, session_info->unix_info->unix_name);
+ if (reply_arg == NULL) {
+ reply_code = "BH out of memory";
+ reply_arg = nt_errstr(NT_STATUS_NO_MEMORY);
+ }
talloc_free(session_info);
}
} else if (state->gensec_state->gensec_role == GENSEC_CLIENT) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list