[PATCH] winbind: fix crash in fill_domain_username_talloc() if specified username is NULL

Ralf Habacker ralf.habacker at freenet.de
Mon Jun 24 07:50:55 UTC 2019


Hi,

Attached is a patch for the git master branch that fixes a crash in winbind
when calling wbinfo -u.

Backtrace:
Program received signal SIGSEGV, Segmentation fault.
strlower_m (s=s@entry=0x0) at ../source3/lib/util_str.c:474
474 while (*s && !(((unsigned char)s[0]) & 0x80)) {
(gdb) bt
#0 strlower_m (s=s@entry=0x0) at ../source3/lib/util_str.c:474
#1 0x00005563f7957ac6 in fill_domain_username_talloc
(mem_ctx=mem_ctx@entry=0x5563f8a89480, domain=0x5563f8a7b6c0
"SAGWH", user=<optimized out>, can_assume=can_assume@entry=true)
at ../source3/winbindd/winbindd_util.c:1209
#2 0x00005563f798df06 in wb_query_user_list_done (subreq=<optimized out>)
at ../source3/winbindd/wb_query_user_list.c:110
#3 0x00007f3d6620c7f6 in dcerpc_binding_handle_call_done
(subreq=<optimized out>) at
../librpc/rpc/binding_handle.c:520
#4 0x00005563f797f3ed in wbint_bh_raw_call_domain_done
(subreq=<optimized out>)
at ../source3/winbindd/winbindd_dual_ndr.c:202
#5 0x00005563f797cc3c in wb_domain_request_done (subreq=<optimized out>) at
../source3/winbindd/winbindd_dual.c:629
#6 0x00005563f797b14d in wb_child_request_done (subreq=0x5563f8a89880)
at ../source3/winbindd/winbindd_dual.c:221
#7 0x00005563f79a40c7 in wb_simple_trans_read_done (subreq=<optimized
out>) at ../nsswitch/wb_reqtrans.c:432
#8 0x00005563f79a3a06 in wb_resp_read_done (subreq=<optimized out>) at
../nsswitch/wb_reqtrans.c:275
#9 0x00007f3d5fe10c10 in ?? () from /usr/lib64/libtevent.so.0
#10 0x00007f3d5fe0f097 in ?? () from /usr/lib64/libtevent.so.0
#11 0x00007f3d5fe0b4ed in _tevent_loop_once () from
/usr/lib64/libtevent.so.0
#12 0x00005563f7950548 in main (argc=<optimized out>, argv=<optimized
out>) at
../source3/winbindd/winbindd.c:1797

The related Samba version is 4.7.11.

Regards

Ralf

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-winbind-fix-crash-in-fill_domain_username_talloc-if-.patch
Type: text/x-patch
Size: 847 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20190624/eae32292/0001-winbind-fix-crash-in-fill_domain_username_talloc-if-.bin>
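
The failure mode in the backtrace above (a user-list entry with a NULL name reaching a lowercasing loop that dereferences it immediately) can be reproduced and guarded in a few lines of C. This is an added illustration, not Samba code and not the attached patch, whose contents are not shown on this page; lower_ascii_prefix, format_domain_user and build_user_list are hypothetical names, and malloc stands in for talloc.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Same loop condition as util_str.c:474 in the backtrace; s must not be NULL. */
static void lower_ascii_prefix(char *s)
{
    for (; *s && !(((unsigned char)s[0]) & 0x80); s++)
        *s = (char)tolower((unsigned char)*s);
}

/* Hypothetical formatter: domain, a backslash, then the user with its ASCII
 * prefix lowercased. Returns NULL on NULL input or allocation failure. */
char *format_domain_user(const char *domain, const char *user)
{
    if (domain == NULL || user == NULL)
        return NULL;                    /* guard before any dereference */
    size_t n = strlen(domain) + 1 + strlen(user) + 1;
    char *out = malloc(n);
    if (out == NULL)
        return NULL;
    int off = snprintf(out, n, "%s\\", domain);
    strcpy(out + off, user);
    lower_ascii_prefix(out + off);
    return out;
}

/* Hypothetical caller: counts unformattable entries in *skipped. */
size_t build_user_list(const char *domain, const char *const *users,
                       size_t count, char **out, size_t *skipped)
{
    size_t written = 0;
    *skipped = 0;
    for (size_t i = 0; i < count; i++) {
        char *name = format_domain_user(domain, users[i]);
        if (name == NULL) { (*skipped)++; continue; }
        out[written++] = name;
    }
    return written;                     /* names stored in out[] */
}

int main(void)
{
    const char *users[] = { "Alice", NULL, "BOB" };  /* constructed sample */
    char *out[3];
    size_t skipped, n = build_user_list("SAGWH", users, 3, out, &skipped);
    for (size_t i = 0; i < n; i++) { puts(out[i]); free(out[i]); }
    return skipped == 1 ? 0 : 1;
}
```

The guard sits in the formatter and the caller checks its return value, so a NULL name from the backend is dropped from the listing instead of terminating the process.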

