heimdal: Check return code from _hdb_fetch_kvno()
A malformed principal will cause kadmind to segfault. The PR addresses only when chpass is requested but delete is also affected. Fix both. PR: 268002 Reported by: Robert Morris <rtm@lcs.mit.edu> MFC after: 3 days
This commit is contained in:
parent
5040a7a9aa
commit
671f55828d
@ -168,7 +168,7 @@ kadm5_s_chpass_principal_with_key(void *server_handle,
|
||||
return ret;
|
||||
ret = context->db->hdb_fetch_kvno(context->context, context->db, princ, 0,
|
||||
HDB_F_GET_ANY|HDB_F_ADMIN_DATA, &ent);
|
||||
if(ret == HDB_ERR_NOENTRY)
|
||||
if(ret)
|
||||
goto out;
|
||||
ret = _kadm5_set_keys2(context, &ent.entry, n_key_data, key_data);
|
||||
if(ret)
|
||||
|
@ -50,7 +50,7 @@ kadm5_s_delete_principal(void *server_handle, krb5_principal princ)
|
||||
}
|
||||
ret = context->db->hdb_fetch_kvno(context->context, context->db, princ,
|
||||
HDB_F_DECRYPT|HDB_F_GET_ANY|HDB_F_ADMIN_DATA, 0, &ent);
|
||||
if(ret == HDB_ERR_NOENTRY)
|
||||
if (ret)
|
||||
goto out;
|
||||
if(ent.entry.flags.immutable) {
|
||||
ret = KADM5_PROTECT_PRINCIPAL;
|
||||
|
Loading…
Reference in New Issue
Block a user