diff options
| author | Samuel Cabrero <scabrero@suse.de> | 2022-12-22 16:32:40 +0100 |
|---|---|---|
| committer | Jule Anger <janger@samba.org> | 2023-01-23 10:01:41 +0000 |
| commit | 07ba1038cdcb1e85b8fc687781e92c6c69d26a70 (patch) | |
| tree | 61c5e5f4499779c13e77e61ce356ccec13ad7b47 | |
| parent | 1e6772da7ac1260581d6c5141c48f2be726c0160 (diff) | |
| download | samba-v4-15-test.tar.gz | |
CVE-2022-38023 s3:rpc_server/netlogon: Avoid unnecessary loadparm_context allocationsv4-15-test
After s3 and s4 rpc servers merge the loadparm_context is available in
the dcesrv_context structure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 9 15:17:14 UTC 2023 on sn-devel-184
(cherry picked from commit 56837f3d3169a02d0d92bd085d9c8250415ce29b)
Autobuild-User(v4-15-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-15-test): Mon Jan 23 10:01:41 UTC 2023 on sn-devel-184
| -rw-r--r-- | source3/rpc_server/netlogon/srv_netlog_nt.c | 21 |
1 files changed, 2 insertions, 19 deletions
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index edf1c1c215c..e52b08ec6c6 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -859,7 +859,7 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p, * so use a copy to avoid destroying the client values. */ uint32_t in_neg_flags = *r->in.negotiate_flags; const char *fn; - struct loadparm_context *lp_ctx; + struct loadparm_context *lp_ctx = p->dce_call->conn->dce_ctx->lp_ctx; struct dom_sid sid; struct samr_Password mach_pwd; struct netlogon_creds_CredentialState *creds; @@ -977,20 +977,11 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p, goto out; } - lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers()); - if (lp_ctx == NULL) { - DEBUG(10, ("loadparm_init_s3 failed\n")); - status = NT_STATUS_INTERNAL_ERROR; - goto out; - } - /* Store off the state so we can continue after client disconnect. */ become_root(); status = schannel_save_creds_state(p->mem_ctx, lp_ctx, creds); unbecome_root(); - talloc_unlink(p->mem_ctx, lp_ctx); - if (!NT_STATUS_IS_OK(status)) { ZERO_STRUCTP(r->out.return_credentials); goto out; @@ -1985,7 +1976,7 @@ NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p, { NTSTATUS status; struct netlogon_creds_CredentialState *creds = NULL; - struct loadparm_context *lp_ctx; + struct loadparm_context *lp_ctx = p->dce_call->conn->dce_ctx->lp_ctx; *r->out.authoritative = true; @@ -1994,18 +1985,10 @@ NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p, return status; } - lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers()); - if (lp_ctx == NULL) { - DEBUG(0, ("loadparm_init_s3 failed\n")); - return NT_STATUS_INTERNAL_ERROR; - } - become_root(); status = schannel_get_creds_state(p->mem_ctx, lp_ctx, r->in.computer_name, &creds); unbecome_root(); - talloc_unlink(p->mem_ctx, lp_ctx); - if (!NT_STATUS_IS_OK(status)) { return status; } |