Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix a segfault in mechglue #103

Closed
wants to merge 2 commits into from
Closed

Fix a segfault in mechglue #103

wants to merge 2 commits into from

Conversation

vlendec
Copy link
Contributor

@vlendec vlendec commented May 27, 2024

Protect mechglue against 0-length OID_set coming from the gssproxy

Signed-off-by: Volker Lendecke <vl@samba.org>
Avoid a segfault in case the src OID_set came from a gssx_OID_set with
gssx_OID_set_len==0 (see gp_conv_gssx_to_oid_set())

Signed-off-by: Volker Lendecke <vl@samba.org>
@simo5
Copy link
Contributor

simo5 commented May 28, 2024

Hi Volker,
in what case does this happens?

I wonder if we should rather return an error if the oldset is empty.

@vlendec
Copy link
Contributor Author

vlendec commented May 28, 2024

I'm playing with the gssproxy protocol, and got mechglue to crash. This is not with the upstream gssproxy daemon that this project provides, but I thought it might be worthwhile to not crash unsuspecting clients no matter what happens on the daemon side. See also the SIGPIPE patch of a while ago. With the real gssproxy this should never happen.

@simo5
Copy link
Contributor

simo5 commented May 28, 2024

I see, would you mind changing the patch to return an error instead of success + empty set ?
I think empty set will fix the segfault of course, but will also mask that incorrect (missing) data is being returned.

@vlendec
Copy link
Contributor Author

vlendec commented May 28, 2024

Sure, but I guess this should happen when parsing the bytes coming from the server. Let's close this PR, I'll take a fresh look.

@vlendec vlendec closed this May 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants