[SCM] Samba Shared Repository - branch v4-3-test updated

Karolin Seeger kseeger at samba.org
Wed Jun 15 13:06:05 UTC 2016


The branch, v4-3-test has been updated
       via  2b18b8b s3: krb5: keytab - The done label can be jumped to with context == NULL.
       via  fd1bccc lib: Fix uninitialized read in msghdr_copy
      from  55785c9 VERSION: Bump version up to 4.3.11...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test


- Log -----------------------------------------------------------------
commit 2b18b8b246dac53ce1946f544043e210e389f60d
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Jun 8 14:50:59 2016 -0700

    s3: krb5: keytab - The done label can be jumped to with context == NULL.
    
    Ensure we don't crash in this case.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=11959
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>
    
    Autobuild-User(master): Uri Simchoni <uri at samba.org>
    Autobuild-Date(master): Thu Jun  9 13:18:56 CEST 2016 on sn-devel-144
    
    (cherry picked from commit e46cb9b835eb8f2bd998def82baf6f07fda9fe5c)
    
    Autobuild-User(v4-3-test): Karolin Seeger <kseeger at samba.org>
    Autobuild-Date(v4-3-test): Wed Jun 15 15:05:50 CEST 2016 on sn-devel-104

commit fd1bccc9450081d6d121decb965668b848b08342
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Jun 8 14:34:20 2016 +0200

    lib: Fix uninitialized read in msghdr_copy
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=11955
    
    Autobuild-User(master): Volker Lendecke <vl at samba.org>
    Autobuild-Date(master): Wed Jun  8 18:34:27 CEST 2016 on sn-devel-144
    
    (cherry picked from commit 0e2711b2a0adeda6873f9c8161b9b01a56ae7098)

-----------------------------------------------------------------------

Summary of changes:
 source3/lib/msghdr.c             |  9 ++++++++-
 source3/libads/kerberos_keytab.c | 18 ++++++++----------
 2 files changed, 16 insertions(+), 11 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/msghdr.c b/source3/lib/msghdr.c
index 2aa2f2e..6917069 100644
--- a/source3/lib/msghdr.c
+++ b/source3/lib/msghdr.c
@@ -204,7 +204,14 @@ ssize_t msghdr_copy(struct msghdr_buf *msg, size_t msgsize,
 	bufsize = (msgsize > offsetof(struct msghdr_buf, buf)) ?
 		msgsize - offsetof(struct msghdr_buf, buf) : 0;
 
-	fd_len = msghdr_prep_fds(&msg->msg, msg->buf, bufsize, fds, num_fds);
+	if (msg != NULL) {
+		msg->msg = (struct msghdr) {};
+
+		fd_len = msghdr_prep_fds(&msg->msg, msg->buf, bufsize,
+					 fds, num_fds);
+	} else {
+		fd_len = msghdr_prep_fds(NULL, NULL, bufsize, fds, num_fds);
+	}
 
 	if (fd_len == -1) {
 		return -1;
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index 309e614..b47dde6 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -744,26 +744,24 @@ done:
 	TALLOC_FREE(oldEntries);
 	TALLOC_FREE(frame);
 
-	{
+	if (context) {
 		krb5_keytab_entry zero_kt_entry;
+		krb5_kt_cursor zero_csr;
+
 		ZERO_STRUCT(zero_kt_entry);
+		ZERO_STRUCT(zero_csr);
+
 		if (memcmp(&zero_kt_entry, &kt_entry,
 				sizeof(krb5_keytab_entry))) {
 			smb_krb5_kt_free_entry(context, &kt_entry);
 		}
-	}
-	{
-		krb5_kt_cursor zero_csr;
-		ZERO_STRUCT(zero_csr);
 		if ((memcmp(&cursor, &zero_csr,
 				sizeof(krb5_kt_cursor)) != 0) && keytab) {
 			krb5_kt_end_seq_get(context, keytab, &cursor);
 		}
-	}
-	if (keytab) {
-		krb5_kt_close(context, keytab);
-	}
-	if (context) {
+		if (keytab) {
+			krb5_kt_close(context, keytab);
+		}
 		krb5_free_context(context);
 	}
 	return ret;


-- 
Samba Shared Repository



More information about the samba-cvs mailing list