[SCM] Samba Shared Repository - branch v4-11-test updated

Karolin Seeger kseeger at samba.org
Tue Mar 31 16:15:02 UTC 2020 

The branch, v4-11-test has been updated
       via  16d837cb233 nsswitch: fix use-after-free causing segfault in _pam_delete_cred
      from  8159513ac73 ctdb-recoverd: Avoid dereferencing NULL rec->nodemap

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-11-test


- Log -----------------------------------------------------------------
commit 16d837cb233fca641943d0194a3e0cb379275ec4
Author: Günther Deschner <gd at samba.org>
Date:   Fri Mar 27 10:13:11 2020 +0100

    nsswitch: fix use-after-free causing segfault in _pam_delete_cred
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14327
    
    Guenther
    
    Signed-off-by: Guenther Deschner <gd at samba.org>
    Reviewed-by: Alexander Bokovoy <ab at samba.org>
    
    Autobuild-User(master): Günther Deschner <gd at samba.org>
    Autobuild-Date(master): Mon Mar 30 13:01:20 UTC 2020 on sn-devel-184
    
    (cherry picked from commit 047b0d8ab534c7a10a8572fd9f21e2456fd30710)
    
    Autobuild-User(v4-11-test): Karolin Seeger <kseeger at samba.org>
    Autobuild-Date(v4-11-test): Tue Mar 31 16:14:54 UTC 2020 on sn-devel-184

-----------------------------------------------------------------------

Summary of changes:
 nsswitch/pam_winbind.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index 3ad70d3c4cd..7af03fe2bd0 100644
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -2609,7 +2609,6 @@ static int _pam_delete_cred(pam_handle_t *pamh, int flags,
 		wbc_status = wbcCtxLogoffUserEx(ctx->wbc_ctx, &logoff, &error);
 		retval = wbc_auth_error_to_pam_error(ctx, error, wbc_status,
 						     user, "wbcLogoffUser");
-		wbcFreeMemory(error);
 		wbcFreeMemory(logoff.blobs);
 		logoff.blobs = NULL;
 
@@ -2629,6 +2628,7 @@ out:
 		retval = wbc_auth_error_to_pam_error(ctx, error, wbc_status,
 		     user, "wbcLogoffUser");
 	}
+	wbcFreeMemory(error);
 
 	/*
 	 * Delete the krb5 ccname variable from the PAM environment


-- 
Samba Shared Repository

More information about the samba-cvs mailing list