diff options
author | Andreas Schneider <asn@samba.org> | 2016-09-28 07:22:32 +0200 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2018-11-28 08:22:24 +0100 |
commit | 7cddbcf039a7a67df2bae1779254e2a136f673f0 (patch) | |
tree | f64a03a683eaabf5b204ca03de5fb8676fbb70be /source4 | |
parent | c556ac5c66bf31e9065e723541ff6173e16ca70b (diff) | |
download | samba-7cddbcf039a7a67df2bae1779254e2a136f673f0.tar.gz |
CVE-2018-16853: Do not segfault if client is not set
This can be triggered with FAST but we don't support this yet.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13571
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source4')
-rw-r--r-- | source4/kdc/mit-kdb/kdb_samba_policies.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/source4/kdc/mit-kdb/kdb_samba_policies.c b/source4/kdc/mit-kdb/kdb_samba_policies.c index 81ac73582e0..fc80329f221 100644 --- a/source4/kdc/mit-kdb/kdb_samba_policies.c +++ b/source4/kdc/mit-kdb/kdb_samba_policies.c @@ -461,6 +461,14 @@ void kdb_samba_db_audit_as_req(krb5_context context, krb5_timestamp authtime, krb5_error_code error_code) { + /* + * FIXME: This segfaulted with a FAST test + * FIND_FAST: <unknown client> for <unknown server>, Unknown FAST armor type 0 + */ + if (client == NULL) { + return; + } + samba_bad_password_count(client, error_code); /* TODO: perform proper audit logging for addresses */ @@ -473,6 +481,14 @@ void kdb_samba_db_audit_as_req(krb5_context context, krb5_timestamp authtime, krb5_error_code error_code) { + /* + * FIXME: This segfaulted with a FAST test + * FIND_FAST: <unknown client> for <unknown server>, Unknown FAST armor type 0 + */ + if (client == NULL) { + return; + } + samba_bad_password_count(client, error_code); } #endif |