From: Andreas Schneider <asn@samba.org>
Date: Mon, 12 Jul 2021 11:58:57 +0000 (+0200)
Subject: CVE-2020-25719 mit-samba: Handle no DB entry in mit_samba_get_pac()
X-Git-Tag: samba-4.13.14~64
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f0b9f23fa25ee49f8c9c9cab7390f1c948c0ac9f;p=thirdparty%2Fsamba.git

CVE-2020-25719 mit-samba: Handle no DB entry in mit_samba_get_pac()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14561

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c
index 6aed3134544..be6ea83c042 100644
--- a/source4/kdc/mit_samba.c
+++ b/source4/kdc/mit_samba.c
@@ -437,6 +437,10 @@ int mit_samba_get_pac(struct mit_samba_context *smb_ctx,
 					    &upn_dns_info_blob);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		talloc_free(tmp_ctx);
+		if (NT_STATUS_EQUAL(nt_status,
+				    NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
+			return ENOENT;
+		}
 		return EINVAL;
 	}