[SCM] Samba Shared Repository - branch master updated

Alexander Bokovoy ab at samba.org
Thu Jun 7 09:31:12 MDT 2012 

https://bugzilla.samba.org/show_bug.cgi?id=8988

On Thu, Jun 7, 2012 at 7:44 AM, Alexander Bokovoy <ab at samba.org> wrote:
> Karolin,
>
> this fix needs to go to 3.6 as well. The code was first introduced in
> 1bb6b841 and is in all 3.6 releases (in source3/librpc/crypto/gse.c).
> It affects systems with MIT krb5 1.10 (Fedora 17, Ubuntu 12.04).
>
> I'll open a bug and make a patch available today.
>
> On Wed, Jun 6, 2012 at 7:23 PM, Alexander Bokovoy <ab at samba.org> wrote:
>> The branch, master has been updated
>>       via  238d24a auth-kerberos: avoid crash with MIT krb5 1.10.0 in gss_get_name_attribute()
>>      from  f3df298 s4 dns: Correctly handle A questions for CNAMEs
>>
>> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
>>
>>
>> - Log -----------------------------------------------------------------
>> commit 238d24af4ed1457b684b6e497d1ca134f9ea567d
>> Author: Alexander Bokovoy <ab at samba.org>
>> Date:   Wed Jun 6 16:52:18 2012 +0300
>>
>>    auth-kerberos: avoid crash with MIT krb5 1.10.0 in gss_get_name_attribute()
>>
>>    gss_get_name_attribute() can return unintialized pac_display_buffer
>>    and later gss_release_buffer() will crash on attempting to release it.
>>
>>    The fix on MIT krb5 side is in 1.10.1, reported in both Debian and MIT upstream:
>>    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658514
>>    http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=7087
>>
>>    We need to initialize variables before using gss_get_name_attribute()
>>
>>    Autobuild-User: Alexander Bokovoy <ab at samba.org>
>>    Autobuild-Date: Wed Jun  6 18:22:51 CEST 2012 on sn-devel-104
>>
>> -----------------------------------------------------------------------
>>
>> Summary of changes:
>>  auth/kerberos/gssapi_pac.c |   20 ++++++++++++++++++--
>>  1 files changed, 18 insertions(+), 2 deletions(-)
>>
>>
>> Changeset truncated at 500 lines:
>>
>> diff --git a/auth/kerberos/gssapi_pac.c b/auth/kerberos/gssapi_pac.c
>> index dadae1a..a174052 100644
>> --- a/auth/kerberos/gssapi_pac.c
>> +++ b/auth/kerberos/gssapi_pac.c
>> @@ -80,8 +80,24 @@ NTSTATUS gssapi_obtain_pac_blob(TALLOC_CTX *mem_ctx,
>>        NTSTATUS status;
>>        OM_uint32 gss_maj, gss_min;
>>  #ifdef HAVE_GSS_GET_NAME_ATTRIBUTE
>> -       gss_buffer_desc pac_buffer;
>> -       gss_buffer_desc pac_display_buffer;
>> +/*
>> + * gss_get_name_attribute() in MIT krb5 1.10.0 can return unintialized pac_display_buffer
>> + * and later gss_release_buffer() will crash on attempting to release it.
>> + *
>> + * So always initialize the buffer descriptors.
>> + *
>> + * See following links for more details:
>> + * http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658514
>> + * http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=7087
>> + */
>> +       gss_buffer_desc pac_buffer = {
>> +               .value = NULL,
>> +               .length = 0
>> +       };
>> +       gss_buffer_desc pac_display_buffer = {
>> +               .value = NULL,
>> +               .length = 0
>> +       };
>>        gss_buffer_desc pac_name = {
>>                .value = discard_const("urn:mspac:"),
>>                .length = sizeof("urn:mspac:")-1
>>
>>
>> --
>> Samba Shared Repository
>
>
>
> --
> / Alexander Bokovoy



-- 
/ Alexander Bokovoy

More information about the samba-technical mailing list