Fix winbind nbt name lookup segfault.

resolves: #996160
2013-08-14 08:46:55 +02:00 · 2013-08-14 08:46:55 +02:00 · 684a1b62df
commit 684a1b62df
parent 9220df7904
2 changed files with 60 additions and 1 deletions
--- a/samba-4.1.0rc3-fix_winbind_nbtname_segfault.patch
+++ b/samba-4.1.0rc3-fix_winbind_nbtname_segfault.patch
@ -0,0 +1,52 @@
+From 187e520b96c5ae3a7fd7bfd24df4c67b1528ded9 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Mon, 12 Aug 2013 20:22:04 +0200
+Subject: [PATCH] s3-winbind: Fix a segfault passing NULL to a fstring
+ argument.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=10082
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Volker Lendecke <vl@samba.org>
+
+Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
+Autobuild-Date(master): Tue Aug 13 13:58:26 CEST 2013 on sn-devel-104
+---
+ source3/winbindd/winbindd_cm.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
+index 50728a5..48322cb 100644
+--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
+@@ -1127,6 +1127,7 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
+ 	uint32_t nt_version = NETLOGON_NT_VERSION_1;
+ 	NTSTATUS status;
+ 	const char *dc_name;
+	fstring nbtname;
+ 
+ 	ip_list.ss = *pss;
+ 	ip_list.port = 0;
+@@ -1210,9 +1211,17 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
+ 
+ 	/* try node status request */
+ 
+-	if (name_status_find(domain->name, 0x1c, 0x20, pss, *name) ) {
+	if (name_status_find(domain->name, 0x1c, 0x20, pss, nbtname) ) {
+ 		namecache_store(*name, 0x20, 1, &ip_list);
+-		return True;
+
+		if (name != NULL) {
+			*name = talloc_strdup(mem_ctx, nbtname);
+			if (*name == NULL) {
+				return false;
+			}
+		}
+
+		return true;
+ 	}
+ 	return False;
+ }
+-- 
+1.8.3.1
+
--- a/samba.spec
+++ b/samba.spec
@ -1,7 +1,7 @@
 # Set --with testsuite or %bcond_without to run the Samba torture testsuite.
 %bcond_with testsuite

-%define main_release 3
+%define main_release 4

 %define samba_version 4.1.0
 %define talloc_version 2.0.8
@ -75,6 +75,8 @@ Source6: samba.pamd
 Source200: README.dc
 Source201: README.downgrade

+Patch0: samba-4.1.0rc3-fix_winbind_nbtname_segfault.patch
+
 BuildRoot:      %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)

 Requires(pre): /usr/sbin/groupadd
@ -432,6 +434,8 @@ the local kerberos library to use the same KDC as samba and winbind use
 %prep
 %setup -q -n samba-%{version}%{pre_release}

+%patch0 -p1 -b .samba-4.1.0rc3-fix_winbind_nbtname_segfault.patch
+
 %build
 %global _talloc_lib ,talloc,pytalloc,pytalloc-util
 %global _tevent_lib ,tevent,pytevent
@ -1459,6 +1463,9 @@ rm -rf %{buildroot}
 %{_mandir}/man7/winbind_krb5_locator.7*

 %changelog
+* Wed Aug 14 2013 - Andreas Schneider <asn@redhat.com> 2:4.1.0-0.4
+- resolves: #996160 - Fix winbind nbt name lookup segfault.
+
 * Mon Aug 12 2013 - Andreas Schneider <asn@redhat.com> - 2:4.1.0-0.3
 - related: #985609 - Update to Samba 4.1.0rc2.