[samba/f16] Fix pam_winbind segfault in pam_sm_authenticate().
Guenther Deschner
gd at fedoraproject.org
Fri Nov 9 11:55:55 UTC 2012
commit 12fb6add11e3c416f502e6641a6bc8ba3c5782ea
Author: Andreas Schneider <asn at cryptomilk.org>
Date: Fri Oct 26 21:09:01 2012 +0200
Fix pam_winbind segfault in pam_sm_authenticate().
resolves: #870493
samba-3.6.9-fix_pam_winbind_crash.patch | 34 +++++++++++++++++++++++++++++++
samba.spec | 8 ++++++-
2 files changed, 41 insertions(+), 1 deletions(-)
---
diff --git a/samba-3.6.9-fix_pam_winbind_crash.patch b/samba-3.6.9-fix_pam_winbind_crash.patch
new file mode 100644
index 0000000..933f277
--- /dev/null
+++ b/samba-3.6.9-fix_pam_winbind_crash.patch
@@ -0,0 +1,34 @@
+From 96369155d446f5f1bab5401fd9fed709dcb87e0e Mon Sep 17 00:00:00 2001
+From: David Disseldorp <ddiss at suse.de>
+Date: Wed, 2 Nov 2011 18:39:03 +0100
+Subject: [PATCH] pam_winbind: fix segfault in pam_sm_authenticate()
+
+Ensure the potentially null winbind context is not dereferenced on
+cleanup.
+
+https://bugzilla.samba.org/show_bug.cgi?id=8564
+---
+ nsswitch/pam_winbind.c | 7 ++++---
+ 1 files changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
+index 0497726..cb119a6 100644
+--- a/nsswitch/pam_winbind.c
++++ b/nsswitch/pam_winbind.c
+@@ -2733,9 +2733,10 @@ out:
+ _pam_free_data_info3(pamh);
+ }
+
+- _PAM_LOG_FUNCTION_LEAVE("pam_sm_authenticate", ctx, retval);
+-
+- TALLOC_FREE(ctx);
++ if (ctx != NULL) {
++ _PAM_LOG_FUNCTION_LEAVE("pam_sm_authenticate", ctx, retval);
++ TALLOC_FREE(ctx);
++ }
+
+ return retval;
+ }
+--
+1.7.3.4
+
diff --git a/samba.spec b/samba.spec
index 423c8ec..5d963b7 100644
--- a/samba.spec
+++ b/samba.spec
@@ -1,4 +1,4 @@
-%define main_release 91
+%define main_release 92
%define samba_version 3.6.8
%define tdb_version 1.2.9
%define talloc_version 2.0.5
@@ -46,6 +46,7 @@ Patch104: samba-3.0.0rc3-nmbd-netbiosname.patch
# The passwd part has been applied, but not the group part
Patch107: samba-3.2.0pre1-grouppwd.patch
Patch200: samba-3.2.5-inotify.patch
+Patch201: samba-3.6.9-fix_pam_winbind_crash.patch
Requires(pre): samba-common = %{epoch}:%{samba_version}-%{release}
Requires: pam >= 0:0.64
@@ -230,6 +231,7 @@ cp %{SOURCE11} packaging/Fedora/
#%patch104 -p1 -b .nmbd-netbiosname # FIXME: does not apply
%patch107 -p1 -b .grouppwd
%patch200 -p0 -b .inotify
+%patch201 -p1 -b .pam_winbind_crash
mv %samba_source/VERSION %samba_source/VERSION.orig
sed -e 's/SAMBA_VERSION_VENDOR_SUFFIX=$/&\"%{samba_release}\"/' < %samba_source/VERSION.orig > %samba_source/VERSION
@@ -695,6 +697,10 @@ fi
%{_datadir}/pixmaps/samba/logo-small.png
%changelog
+* Fri Oct 26 2012 - Andreas Schneider <asn at redhat.com> -2:3.6.8-92
+- Fix pam_winbind segfault in pam_sm_authenticate().
+- resolves: #870493
+
* Mon Sep 17 2012 Guenther Deschner <gdeschner at redhat.com> - 2:3.6.8-91
- Update to 3.6.8
More information about the scm-commits
mailing list