s4:rpc_server/lsa: fix segfault in check_ft_info()

This is triggered by lsa_lsaRSetForestTrustInformation() with ForestTrustInfo elements using FOREST_TRUST_TOP_LEVEL_NAME. The nb_name variable was uninitialized and dereferenced without checking. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
author: Stefan Metzmacher <metze@samba.org> 2014-12-15 16:47:50 +0100
committer: Stefan Metzmacher <metze@samba.org> 2014-12-19 13:15:13 +0100
commit: ec7351184f136990e96e10da98f0298c81699beb (patch)
tree: 823232fde36b832fa976a820e173a0494f279de6
parent: 1e74ab337ccfe2fb8b456d070a6583d4cb67aa18 (diff)
download: samba-ec7351184f136990e96e10da98f0298c81699beb.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 0aad375ccd9..020360df72b 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -4159,6 +4159,7 @@ static NTSTATUS check_ft_info(TALLOC_CTX *mem_ctx,
 
 		nrec = &new_fti->records[new_fti_idx].record;
 		dns_name = NULL;
+		nb_name = NULL;
 		tln_conflict = false;
 		sid_conflict = false;
 		nb_conflict = false;
@@ -4237,6 +4238,7 @@ static NTSTATUS check_ft_info(TALLOC_CTX *mem_ctx,
 				sid_conflict = true;
 			}
 			if (!(trec->flags & LSA_NB_DISABLED_ADMIN) &&
+			    (nb_name != NULL) &&
 			    strcasecmp_m(trec->data.info.netbios_name.string,
 					 nb_name) == 0) {
 				nb_conflict = true;
author	Stefan Metzmacher <metze@samba.org>	2014-12-15 16:47:50 +0100
committer	Stefan Metzmacher <metze@samba.org>	2014-12-19 13:15:13 +0100
commit	ec7351184f136990e96e10da98f0298c81699beb (patch)
tree	823232fde36b832fa976a820e173a0494f279de6
parent	1e74ab337ccfe2fb8b456d070a6583d4cb67aa18 (diff)
download	samba-ec7351184f136990e96e10da98f0298c81699beb.tar.gz