git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
c0236de
)
CVE-2015-5370: s4:rpc_server: check the result of dcerpc_pull_auth_trailer() in dcesr...
author
Stefan Metzmacher
<metze@samba.org>
Fri, 26 Jun 2015 06:10:46 +0000
(08:10 +0200)
committer
Stefan Metzmacher
<metze@samba.org>
Wed, 30 Mar 2016 02:10:07 +0000
(
04:10
+0200)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
source4/rpc_server/dcesrv_auth.c
patch
|
blob
|
history
diff --git
a/source4/rpc_server/dcesrv_auth.c
b/source4/rpc_server/dcesrv_auth.c
index beccc78e3ec94ea51500c56b6fd186ed7d4d9cb1..c3ba40cac07997e0344e77d45d2a6081ce346317 100644
(file)
--- a/
source4/rpc_server/dcesrv_auth.c
+++ b/
source4/rpc_server/dcesrv_auth.c
@@
-59,6
+59,10
@@
bool dcesrv_auth_bind(struct dcesrv_call_state *call)
status = dcerpc_pull_auth_trailer(pkt, call, &pkt->u.bind.auth_info,
dce_conn->auth_state.auth_info,
&auth_length, false);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
+ }
+
server_credentials
= cli_credentials_init(call);
if (!server_credentials) {