From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Thu, 24 Aug 2023 23:28:07 +0000 (+1200)
Subject: s4:kdc: Check return value of smb_krb5_principal_get_comp_string()
X-Git-Tag: tevent-0.16.0~622
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1f4438c5a2f067b97a5a95d1d9c7d045b828c0bb;p=thirdparty%2Fsamba.git

s4:kdc: Check return value of smb_krb5_principal_get_comp_string()

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index b9cc1e4057a..53d84340d0b 100644
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -1205,15 +1205,23 @@ static krb5_error_code samba_kdc_message2entry(krb5_context context,
 	 * these more restricted SPNs.
 	 */
 	if (krb5_princ_size(context, principal) > 2) {
-		char *third_part
-			= smb_krb5_principal_get_comp_string(tmp_ctx,
-							     context,
-							     principal,
-							     2);
-		bool is_our_realm =
-			 lpcfg_is_my_domain_or_realm(lp_ctx,
+		char *third_part = NULL;
+		bool is_our_realm;
+		bool is_dc;
+
+		third_part = smb_krb5_principal_get_comp_string(tmp_ctx,
+								context,
+								principal,
+								2);
+		if (third_part == NULL) {
+			ret = ENOMEM;
+			krb5_set_error_message(context, ret, "smb_krb5_principal_get_comp_string: out of memory");
+			goto out;
+		}
+
+		is_our_realm = lpcfg_is_my_domain_or_realm(lp_ctx,
 						     third_part);
-		bool is_dc = userAccountControl &
+		is_dc = userAccountControl &
 			(UF_SERVER_TRUST_ACCOUNT | UF_PARTIAL_SECRETS_ACCOUNT);
 		if (is_our_realm && !is_dc) {
 			entry->flags.server = 0;