CVE-2015-5370: s4:librpc/rpc: avoid using hs->p->conn->security_state.auth_info in...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c
index 1f5213f2873a4729f642e8353ed417efd0bc8b1a..854a956f2574e12590cf8dcad8d98e26efca80ea 100644 (file)
--- a/source4/librpc/rpc/dcerpc.c
+++ b/source4/librpc/rpc/dcerpc.c
@@ -225,12 +225,8 @@ static void dcerpc_bh_auth_info(struct dcerpc_binding_handle *h,
                return;
        }
 
-       if (hs->p->conn->security_state.auth_info == NULL) {
-               return;
-       }
-
-       *auth_type = hs->p->conn->security_state.auth_info->auth_type;
-       *auth_level = hs->p->conn->security_state.auth_info->auth_level;
+       *auth_type = hs->p->conn->security_state.auth_type;
+       *auth_level = hs->p->conn->security_state.auth_level;
 }
 
 struct dcerpc_bh_raw_call_state {