From: Stefan Metzmacher Date: Thu, 11 May 2017 17:11:43 +0000 (+0200) Subject: s4:ldap_server: always allocate resp->SASL.secblob X-Git-Tag: ldb-1.1.31~51 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d4cf947c08e64f9a5f71fced0e75ca101c367ef8;p=thirdparty%2Fsamba.git s4:ldap_server: always allocate resp->SASL.secblob The code path with resp->SASL.secblob = NULL was completely untested (and wrong) as ldapsrv_setup_gensec() is very unlikely to ever fail. Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett --- diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c index 3f2cd2be246..4913629cfcc 100644 --- a/source4/ldap_server/ldap_bind.c +++ b/source4/ldap_server/ldap_bind.c @@ -382,7 +382,12 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call) return NT_STATUS_NO_MEMORY; } resp = &reply->msg->r.BindResponse; - + /* Windows 2000 mmc doesn't like secblob == NULL and reports a decoding error */ + resp->SASL.secblob = talloc_zero(reply, DATA_BLOB); + if (resp->SASL.secblob == NULL) { + return NT_STATUS_NO_MEMORY; + } + conn = call->conn; /* @@ -416,12 +421,7 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call) status = gensec_update_ev(conn->gensec, reply, conn->connection->event.ctx, input, &output); - /* Windows 2000 mmc doesn't like secblob == NULL and reports a decoding error */ - resp->SASL.secblob = talloc(reply, DATA_BLOB); - NT_STATUS_HAVE_NO_MEMORY(resp->SASL.secblob); *resp->SASL.secblob = output; - } else { - resp->SASL.secblob = NULL; } if (NT_STATUS_EQUAL(NT_STATUS_MORE_PROCESSING_REQUIRED, status)) {