37 lines
1.2 KiB
Diff
37 lines
1.2 KiB
Diff
From cf9e37604409ba0c3c5904af40beb2975c309ad4 Mon Sep 17 00:00:00 2001
|
|
From: Joseph Sutton <josephsutton@catalyst.net.nz>
|
|
Date: Fri, 27 May 2022 19:29:34 +1200
|
|
Subject: [PATCH 74/99] CVE-2022-2031 lib:krb5_wrap: Generate valid error codes
|
|
in smb_krb5_mk_error()
|
|
|
|
The error code passed in will be an offset from ERROR_TABLE_BASE_krb5,
|
|
so we need to subtract that before creating the error. Heimdal does this
|
|
internally, so it isn't needed there.
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074
|
|
|
|
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
|
|
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
Conflict: remove selftest/knownfail_mit_kdc
|
|
---
|
|
lib/krb5_wrap/krb5_samba.c | 2 +-
|
|
2 files changed, 5 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
|
|
index 76c2dcd2126..610efcc9b87 100644
|
|
--- a/lib/krb5_wrap/krb5_samba.c
|
|
+++ b/lib/krb5_wrap/krb5_samba.c
|
|
@@ -237,7 +237,7 @@ krb5_error_code smb_krb5_mk_error(krb5_context context,
|
|
return code;
|
|
}
|
|
|
|
- errpkt.error = error_code;
|
|
+ errpkt.error = error_code - ERROR_TABLE_BASE_krb5;
|
|
|
|
errpkt.text.length = 0;
|
|
if (e_text != NULL) {
|
|
--
|
|
2.25.1
|