From fecf925043be5de1ed9d6f3a171ffeab1530d9c9 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Tue, 1 Mar 2011 13:03:59 +0100 Subject: s4:drsuapi RPC server - check for the "SPN" attribute != NULL The SPN attribute could derive from an untrusted source (client). Reviewed-by: Jelmer --- source4/rpc_server/drsuapi/writespn.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source4/rpc_server/drsuapi/writespn.c') diff --git a/source4/rpc_server/drsuapi/writespn.c b/source4/rpc_server/drsuapi/writespn.c index e2e12f1689..63fdef21f5 100644 --- a/source4/rpc_server/drsuapi/writespn.c +++ b/source4/rpc_server/drsuapi/writespn.c @@ -59,6 +59,12 @@ static bool writespn_check_spn(struct drsuapi_bind_state *b_state, krb5_principal principal; const char *dns_name, *dnsHostName; + /* The service principal name shouldn't be NULL */ + if (spn == NULL) { + talloc_free(tmp_ctx); + return false; + } + /* get the objectSid of the DN that is being modified, and check it matches the user_sid in their token -- cgit