author | Andreas Schneider <asn@samba.org> | 2020-07-13 17:23:37 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2020-08-19 16:22:40 +0000 |
commit | 46142d8398dac98046866ab06ff3185f4311ab8d (patch) | |
tree | 87c3736fd52d065cb92fb478d121254207408c93 /libcli | |
parent | cf432bd4527a1605e48783c54c01b0ff518ba371 (diff) | |
download | samba-46142d8398dac98046866ab06ff3185f4311ab8d.tar.gz |
libcli:smb2: Use talloc NULL context if we don't have a stackframe
If we execute this code from python we don't have a talloc stackframe
around and segfault with talloc_tos().
To fix the crash we use the NULL context, as we take care of freeing the
memory as soon as possible.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'libcli')
-rw-r--r-- | libcli/smb/smb2_signing.c | 30 |
1 files changed, 26 insertions, 4 deletions
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
index bba80817018..7669b219bbe 100644
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -513,14 +513,25 @@ NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key,
 uint8_t *ctext = NULL;
 size_t len = 0;
 int i;
+ TALLOC_CTX *tmp_ctx = NULL;
- ptext = talloc_size(talloc_tos(), ptext_size);
+ /*
+ * If we come from python bindings, we don't have a stackframe
+ * around, so use the NULL context.
+ *
+ * This is fine as we make sure we free the memory.
+ */
+ if (talloc_stackframe_exists()) {
+ tmp_ctx = talloc_tos();
+ }
+
+ ptext = talloc_size(tmp_ctx, ptext_size);
 if (ptext == NULL) {
 status = NT_STATUS_NO_MEMORY;
 goto out;
 }
- ctext = talloc_size(talloc_tos(), ctext_size);
+ ctext = talloc_size(tmp_ctx, ctext_size);
 if (ctext == NULL) {
 TALLOC_FREE(ptext);
 status = NT_STATUS_NO_MEMORY;
@@ -713,16 +724,27 @@ NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key,
 uint8_t *ptext = NULL;
 size_t len = 0;
 int i;
+ TALLOC_CTX *tmp_ctx = NULL;
+
+ /*
+ * If we come from python bindings, we don't have a stackframe
+ * around, so use the NULL context.
+ *
+ * This is fine as we make sure we free the memory.
+ */
+ if (talloc_stackframe_exists()) {
+ tmp_ctx = talloc_tos();
+ }
 /* GnuTLS doesn't have a iovec API for decryption yet */
- ptext = talloc_size(talloc_tos(), ptext_size);
+ ptext = talloc_size(tmp_ctx, ptext_size);
 if (ptext == NULL) {
 status = NT_STATUS_NO_MEMORY;
 goto out;
 }
- ctext = talloc_size(talloc_tos(), ctext_size);
+ ctext = talloc_size(tmp_ctx, ctext_size);
 if (ctext == NULL) {
 TALLOC_FREE(ptext);
 status = NT_STATUS_NO_MEMORY; |
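Review bot: With `tmp_ctx` left NULL, ptext and ctext become parentless allocations, so nothing reclaims them if an exit path after these two `talloc_size()` calls skips `TALLOC_FREE()`; under `talloc_tos()` the stackframe was the backstop. Only the ctext-failure path is visible here (it frees ptext); the rest of smb2_signing_encrypt_pdu, including the `out:` label, lies outside the hunk and should be checked to free both buffers on every path, since ptext presumably holds the PDU plaintext and a leak would keep it resident in a long-lived Python process. The same applies to smb2_signing_decrypt_pdu in the second hunk. I would make the comment state the obligation rather than the assurance, e.g. `/* NULL context: every exit path below must TALLOC_FREE(ptext) and TALLOC_FREE(ctext). */`.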
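Review bot: The stackframe check and its comment added to smb2_signing_decrypt_pdu are a verbatim copy of the block added to smb2_signing_encrypt_pdu in the first hunk, so the two can drift apart on the next change. A small file-local helper would keep the fallback rule in one place; the helper name below is only a suggestion. Both function bodies continue outside their hunks.

```c
/*
 * Parent for short-lived scratch buffers: the current stackframe if one
 * exists, otherwise the NULL context (e.g. when called from the python
 * bindings). Callers must free what they allocate on every exit path.
 */
static TALLOC_CTX *smb2_signing_tmp_ctx(void)
{
	if (talloc_stackframe_exists()) {
		return talloc_tos();
	}
	return NULL;
}

	/* … unchanged: local declarations in smb2_signing_decrypt_pdu … */
	TALLOC_CTX *tmp_ctx = smb2_signing_tmp_ctx();
```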