git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 450ff39) | patch
CVE-2022-2031 s4:kpasswd: Correctly generate error strings
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Fri, 27 May 2022 07:21:06 +0000 (19:21 +1200)
committerJule Anger <janger@samba.org>
Sun, 24 Jul 2022 09:42:02 +0000 (11:42 +0200)
commit29ec8b2369b5f5e2a660a3165d2528982514a0f2
treef6c1942884f099be31966bb3897fbca4b21c8941tree
parent450ff39d1c9f538bd828b7b2bee75c88d3dc1ee2commit | diff
CVE-2022-2031 s4:kpasswd: Correctly generate error strings

The error_data we create already has an explicit length, and should not
be zero-terminated, so we omit the trailing null byte. Previously,
Heimdal builds would leave a superfluous trailing null byte on error
strings, while MIT builds would omit the final character.

The two bytes added to the string's length are for the prepended error
code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
[jsutton@samba.org Removed MIT KDC 1.20-specific knownfails]
selftest/knownfail_heimdal_kdc diff | blob | history
selftest/knownfail_mit_kdc diff | blob | history
source4/kdc/kpasswd-helper.c diff | blob | history
Samba Shared Repository