Kerberos Ticket without principal?

Christian M Ambach christian.ambach at
Fri Jul 22 11:20:54 MDT 2011

Hi list,

I have seen a smbd built from v3-6-test crashing today in 
because princ_name was null and it then tripped over that in the following 
strchr_m(princ_name, '@').
Unfortunately, I couldn't save away a log or core file and I wasn't able to
recreate it yet :(

What do you think might have gone wrong here? Did the Windows box send an 
Kerberos ticket or did we fail to parse it somewhere?

My naive approach to prevent further coredumps would be to add a safeguard
before the strchr_m line, something like:

--- a/source3/auth/user_krb5.c
+++ b/source3/auth/user_krb5.c
@@ -49,6 +49,11 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX 
        DEBUG(3, ("Kerberos ticket principal name is [%s]\n", 
+       if (!princ_name) {
+               DEBUG(3, ("Ticket as empty principal!\n"));
+               return NT_STATUS_LOGON_FAILURE;
+       }
        p = strchr_m(princ_name, '@');
        if (!p) {
                DEBUG(3, ("[%s] Doesn't look like a valid principal\n",
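Review bot: The new `if (!princ_name)` guard is placed after the context line `DEBUG(3, ("Kerberos ticket principal name is [%s]\n", ...`, so if that call formats princ_name with %s, as its message suggests, a NULL pointer still reaches a %s conversion before the guard runs, which C leaves undefined. Move the check above that DEBUG. The added message reads "Ticket as empty principal!"; that should be "has", and because the pointer is NULL rather than an empty string, "Ticket has no principal name" would describe the condition more exactly. Returning NT_STATUS_LOGON_FAILURE fails closed, which is the right direction on an authentication path, but the guard only masks whatever left princ_name unset, so logging this case at a lower debug level than 3 would make the next occurrence visible in default logs and help find the root cause.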

Would that be good enough without having more debug data?
Other proposals?

