CVE-2018-16853: Do not segfault if client is not set

This can be triggered with FAST but we don't support this yet. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13571 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
author: Andreas Schneider <asn@samba.org> 2016-09-28 07:22:32 +0200
committer: Karolin Seeger <kseeger@samba.org> 2018-12-07 11:39:37 +0100
commit: 09b9a9bed3aae0fbd945921849cd66ce9e22e0ea (patch)
tree: 39a5ff5fb6f793db3394c90c578d882145c255ff /source4
parent: 03607d79e358c664bcf25a5304684dccb49b3ffe (diff)
download: samba-09b9a9bed3aae0fbd945921849cd66ce9e22e0ea.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/source4/kdc/mit-kdb/kdb_samba_policies.c b/source4/kdc/mit-kdb/kdb_samba_policies.c
index 4364461302c..0b1265980b1 100644
--- a/source4/kdc/mit-kdb/kdb_samba_policies.c
+++ b/source4/kdc/mit-kdb/kdb_samba_policies.c
@@ -445,6 +445,14 @@ void kdb_samba_db_audit_as_req(krb5_context context,
 {
 	struct mit_samba_context *mit_ctx;
 
+	/*
+	 * FIXME: This segfaulted with a FAST test
+	 * FIND_FAST: <unknown client> for <unknown server>, Unknown FAST armor type 0
+	 */
+	if (client == NULL) {
+		return;
+	}
+
 	mit_ctx = ks_get_context(context);
 	if (mit_ctx == NULL) {
 		return;
author	Andreas Schneider <asn@samba.org>	2016-09-28 07:22:32 +0200
committer	Karolin Seeger <kseeger@samba.org>	2018-12-07 11:39:37 +0100
commit	09b9a9bed3aae0fbd945921849cd66ce9e22e0ea (patch)
tree	39a5ff5fb6f793db3394c90c578d882145c255ff /source4
parent	03607d79e358c664bcf25a5304684dccb49b3ffe (diff)
download	samba-09b9a9bed3aae0fbd945921849cd66ce9e22e0ea.tar.gz