summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2008-07-23 13:41:51 +0200
committerStefan Metzmacher <metze@samba.org>2008-07-23 14:46:08 +0200
commitfa40b0709ab60476d295837e73a1326bb056fc73 (patch)
tree3b2c4d055d2feec38d6de4b825dc36ac281cbf25 /source4
parentfbea02accfa8f92d84d0f2cb17847dac1519aa87 (diff)
downloadsamba-fa40b0709ab60476d295837e73a1326bb056fc73.tar.gz
samba-fa40b0709ab60476d295837e73a1326bb056fc73.tar.bz2
samba-fa40b0709ab60476d295837e73a1326bb056fc73.zip
hdb-ldb: check the SUPPLEMENTAL_CREDENTIALS_SIGNATURE
metze (This used to be commit 7219740ef434091617c6bb727374251987ff2a62)
Diffstat (limited to 'source4')
-rw-r--r--source4/kdc/hdb-ldb.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c
index 656849334a..4b47dbf259 100644
--- a/source4/kdc/hdb-ldb.c
+++ b/source4/kdc/hdb-ldb.c
@@ -221,6 +221,12 @@ static krb5_error_code LDB_message2entry_keys(krb5_context context,
goto out;
}
+ if (scb.sub.signature != SUPPLEMENTAL_CREDENTIALS_SIGNATURE) {
+ NDR_PRINT_DEBUG(supplementalCredentialsBlob, &scb);
+ ret = EINVAL;
+ goto out;
+ }
+
for (i=0; i < scb.sub.num_packages; i++) {
if (scb.sub.packages[i].unknown1 != 0x00000001) {
continue;