[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Wed Jan 13 23:53:01 UTC 2021


The branch, master has been updated
       via  4e624478dcd s4 auth ntlm: Fix integer overflow in authsam_password_check_and_record
      from  181afa9f68c s3:libsmb: Use cli_credentials directly

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 4e624478dcd119f80f33b024b2f0b9a41688b425
Author: Gary Lockyer <gary at catalyst.net.nz>
Date:   Wed Jan 13 12:04:18 2021 +1300

    s4 auth ntlm: Fix integer overflow in authsam_password_check_and_record
    
    Fix a ubsan detected integer overflow.
    ../../source4/auth/ntlm/auth_sam.c:445:56: runtime error:
         signed integer overflow: 60 * 600000000
         cannot be represented in type 'int'
    
    In practice this meant that the default for the smb.conf parameter
    "old password allowed period" was approximately 16 seconds, rather than
    the intended 60 minutes. Similarly the value used would be 22.5 times
    less than the value specified in smb.conf.
    
    Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Wed Jan 13 23:52:38 UTC 2021 on sn-devel-184

-----------------------------------------------------------------------

Summary of changes:
 source4/auth/ntlm/auth_sam.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c
index 70eddc12c53..c5b27171937 100644
--- a/source4/auth/ntlm/auth_sam.c
+++ b/source4/auth/ntlm/auth_sam.c
@@ -442,7 +442,8 @@ static NTSTATUS authsam_password_check_and_record(struct auth4_context *auth_con
 		/*
 		 * NTTIME uses 100ns units
 		 */
-		allowed_period = allowed_period_mins * 60 * 1000*1000*10;
+		allowed_period = (NTTIME) allowed_period_mins *
+				 60 * 1000*1000*10;
 		pwdLastSet = samdb_result_nttime(msg, "pwdLastSet", 0);
 		tv_now = timeval_current();
 		now = timeval_to_nttime(&tv_now);
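
Review bot: The (NTTIME) cast on allowed_period_mins in the added line will silently convert a negative value instead of rejecting it. The ubsan report in the commit message shows the old multiplication was done in int, so the variable is a signed type; if NTTIME is unsigned (it is a 64-bit unsigned type in Samba), a negative "old password allowed period" would become a very large allowed_period, and the old password would be treated as still inside the window. Nothing in this hunk shows a range check, so it is worth confirming that the parameter is validated before this point, or adding a guard here that treats values below zero as "no allowance". Two smaller points: the factor 60 * 1000*1000*10 would be easier to audit as a named minutes-to-NTTIME constant, so the widening does not depend on the cast being the leftmost operand, and a test that pins the 60 minute default would catch a regression, since the shortened window went unnoticed until ubsan flagged it.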


-- 
Samba Shared Repository


