CVE-2020-25717 winbindd: add and use idmap_child_pid()

author Stefan Metzmacher <metze@samba.org>

Fri, 11 Sep 2020 12:06:04 +0000 (14:06 +0200)

committer Jule Anger <janger@samba.org>

Mon, 8 Nov 2021 09:52:09 +0000 (10:52 +0100)
author Stefan Metzmacher <metze@samba.org>
Fri, 11 Sep 2020 12:06:04 +0000 (14:06 +0200)
committer Jule Anger <janger@samba.org>
Mon, 8 Nov 2021 09:52:09 +0000 (10:52 +0100)
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c

index 5fb22d7e9c8a6faf71db1f64123d0229905a36f3..bb819bbba19fb0314c90b8caf7ed333397715cbe 100644 (file)
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -463,11 +463,11 @@ void set_domain_offline(struct winbindd_domain *domain)
            primary domain goes offline */
  
         if ( domain->primary ) {
-               struct winbindd_child *idmap = idmap_child();
+               pid_t idmap_pid = idmap_child_pid();
  
-               if ( idmap->pid != 0 ) {
+               if (idmap_pid != 0) {
                         messaging_send_buf(global_messaging_context(),
-                                          pid_to_procid(idmap->pid), 
+                                          pid_to_procid(idmap_pid),
                                            MSG_WINBIND_OFFLINE, 
                                            (const uint8_t *)domain->name,
                                            strlen(domain->name)+1);
@@ -549,11 +549,11 @@ static void set_domain_online(struct winbindd_domain *domain)
            primary domain comes online */
  
         if ( domain->primary ) {
-               struct winbindd_child *idmap = idmap_child();
+               pid_t idmap_pid = idmap_child_pid();
  
-               if ( idmap->pid != 0 ) {
+               if (idmap_pid != 0) {
                         messaging_send_buf(global_messaging_context(),
-                                          pid_to_procid(idmap->pid), 
+                                          pid_to_procid(idmap_pid),
                                            MSG_WINBIND_ONLINE, 
                                            (const uint8_t *)domain->name,
                                            strlen(domain->name)+1);
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c

index b1c86b2979c38b3fc4dead8bd205196ac220125c..0edfc2d205d0b1d8d806132b43883adf2a058238 100644 (file)
--- a/source3/winbindd/winbindd_dual.c
+++ b/source3/winbindd/winbindd_dual.c
@@ -1071,11 +1071,11 @@ void winbind_msg_online(struct messaging_context *msg_ctx,
                    primary domain comes back online */
  
                 if ( domain->primary ) {
-                       struct winbindd_child *idmap = idmap_child();
+                       pid_t idmap_pid = idmap_child_pid();
  
-                       if ( idmap->pid != 0 ) {
+                       if (idmap_pid != 0) {
                                 messaging_send_buf(msg_ctx,
-                                                  pid_to_procid(idmap->pid), 
+                                                  pid_to_procid(idmap_pid),
                                                    MSG_WINBIND_ONLINE,
                                                    (const uint8_t *)domain->name,
                                                    strlen(domain->name)+1);
diff --git a/source3/winbindd/winbindd_idmap.c b/source3/winbindd/winbindd_idmap.c

index 2ee436bc7dcd28794da2b135b32e44195dec59ee..965a7839f17d1b3400ff1df25935d44f466d06ba 100644 (file)
--- a/source3/winbindd/winbindd_idmap.c
+++ b/source3/winbindd/winbindd_idmap.c
@@ -34,6 +34,11 @@ struct winbindd_child *idmap_child(void)
         return &static_idmap_child;
  }
  
+pid_t idmap_child_pid(void)
+{
+       return static_idmap_child.pid;
+}
+
  struct dcerpc_binding_handle *idmap_child_handle(void)
  {
         return static_idmap_child.binding_handle;
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h

index 6d4ffa726f1df218243a10757c0bcc3415d7d1c1..ce391ab7ec557b6b86812a3df690cec21ab35ddd 100644 (file)
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -366,6 +366,7 @@ NTSTATUS winbindd_print_groupmembers(struct db_context *members,
  
  void init_idmap_child(void);
  struct winbindd_child *idmap_child(void);
+pid_t idmap_child_pid(void);
  struct dcerpc_binding_handle *idmap_child_handle(void);
  struct idmap_domain *idmap_find_domain_with_sid(const char *domname,
                                                 const struct dom_sid *sid);
author	Stefan Metzmacher <metze@samba.org>
	Fri, 11 Sep 2020 12:06:04 +0000 (14:06 +0200)
committer	Jule Anger <janger@samba.org>
	Mon, 8 Nov 2021 09:52:09 +0000 (10:52 +0100)
source3/winbindd/winbindd_cm.c		patch \| blob \| blame \| history
source3/winbindd/winbindd_dual.c		patch \| blob \| blame \| history
source3/winbindd/winbindd_idmap.c		patch \| blob \| blame \| history
source3/winbindd/winbindd_proto.h		patch \| blob \| blame \| history