git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b20acd8)
CVE-2022-37966 python:tests/krb5: ignore empty supplementalCredentials attributes
authorStefan Metzmacher <metze@samba.org>
Tue, 29 Nov 2022 19:27:14 +0000 (20:27 +0100)
committerStefan Metzmacher <metze@samba.org>
Wed, 14 Dec 2022 10:28:17 +0000 (10:28 +0000)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit f434a30ee7c40aac4a223fcabac9ddd160a155a5)

python/samba/tests/krb5/kdc_base_test.py patch | blob | history

diff --git a/python/samba/tests/krb5/kdc_base_test.py b/python/samba/tests/krb5/kdc_base_test.py
index f218293f092098e8f65b2f04d8db5f2d656a5fcc..45a23b97eff196ecbd32d0fbf008b358279aab27 100644 (file)
--- a/python/samba/tests/krb5/kdc_base_test.py
+++ b/python/samba/tests/krb5/kdc_base_test.py
@@ -566,6 +566,8 @@ class KDCBaseTest(RawKerberosTest):
         for attr in attributes:
             if attr.attid == drsuapi.DRSUAPI_ATTID_supplementalCredentials:
                 net_ctx.replicate_decrypt(bind, attr, rid)
+                if attr.value_ctr.num_values == 0:
+                    continue
                 attr_val = attr.value_ctr.values[0].blob
 
                 spl = ndr_unpack(drsblobs.supplementalCredentialsBlob,
Samba Shared Repository