From: Gary Lockyer Date: Tue, 12 Jan 2021 23:04:18 +0000 (+1300) Subject: s4 auth ntlm: Fix integer overflow in authsam_password_check_and_record X-Git-Tag: samba-4.14.0rc1~79 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4e624478dcd119f80f33b024b2f0b9a41688b425;p=thirdparty%2Fsamba.git s4 auth ntlm: Fix integer overflow in authsam_password_check_and_record Fix a ubsan detected integer overflow. ../../source4/auth/ntlm/auth_sam.c:445:56: runtime error: signed integer overflow: 60 * 600000000 cannot be represented in type 'int' In practice this meant that the default for the smb.conf parameter "old password allowed period" was approximately 16 seconds, rather than the intended 60 minutes. Similarly the value used would be 22.5 times less than the value specified in smd.conf. Signed-off-by: Gary Lockyer Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Jan 13 23:52:38 UTC 2021 on sn-devel-184 --- diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c index 70eddc12c53..c5b27171937 100644 --- a/source4/auth/ntlm/auth_sam.c +++ b/source4/auth/ntlm/auth_sam.c @@ -442,7 +442,8 @@ static NTSTATUS authsam_password_check_and_record(struct auth4_context *auth_con /* * NTTIME uses 100ns units */ - allowed_period = allowed_period_mins * 60 * 1000*1000*10; + allowed_period = (NTTIME) allowed_period_mins * + 60 * 1000*1000*10; pwdLastSet = samdb_result_nttime(msg, "pwdLastSet", 0); tv_now = timeval_current(); now = timeval_to_nttime(&tv_now);