CVE-2015-0240: s3: netlogon: Ensure we don't call talloc_free on an uninitialized...
authorJeremy Allison <jra@samba.org>
Wed, 28 Jan 2015 22:47:31 +0000 (14:47 -0800)
committerKarolin Seeger <kseeger@samba.org>
Sun, 22 Feb 2015 13:23:13 +0000 (14:23 +0100)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11077

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
source3/rpc_server/netlogon/srv_netlog_nt.c

index deba47b3e69af12c58a04777761a5db3c15892e7..34b9a024d65b2a09ee4a6b1c60ac90ee0676816b 100644 (file)
@@ -1101,6 +1101,10 @@ static NTSTATUS netr_creds_server_step_check(struct pipes_struct *p,
        bool schannel_global_required = (lp_server_schannel() == true) ? true:false;
        struct loadparm_context *lp_ctx;
 
+       if (creds_out != NULL) {
+               *creds_out = NULL;
+       }
+
        if (schannel_global_required) {
                status = schannel_check_required(&p->auth,
                                                 computer_name,
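Review bot: The reset of `*creds_out` at the top of netr_creds_server_step_check has no comment, so nothing tells a later editor that it must stay above the first early return (the `schannel_check_required` failure path that follows). I would add `/* Callers may talloc_free() *creds_out on error; give it a defined value before any return path. */` above the `if (creds_out != NULL)` line. The function body continues outside this hunk, so the remaining return paths cannot be checked from here. The second hunk also initialises `creds` in _netr_ServerPasswordSet; any other caller of this function, not visible on this page, presumably wants the same `= NULL` initialiser so that the fix does not rest on the callee alone.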
@@ -1258,7 +1262,7 @@ NTSTATUS _netr_ServerPasswordSet(struct pipes_struct *p,
 {
        NTSTATUS status = NT_STATUS_OK;
        int i;
-       struct netlogon_creds_CredentialState *creds;
+       struct netlogon_creds_CredentialState *creds = NULL;
 
        DEBUG(5,("_netr_ServerPasswordSet: %d\n", __LINE__));