CVE-2020-25719 mit-samba: Handle no DB entry in mit_samba_get_pac()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14561

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c
index 3f8b0b9fb2b1571a70e250a540d0576358bf45d4..e7fe67241efc63ce656afb6bc340147cc2bc4d86 100644 (file)
--- a/source4/kdc/mit_samba.c
+++ b/source4/kdc/mit_samba.c
@@ -463,6 +463,10 @@ int mit_samba_get_pac(struct mit_samba_context *smb_ctx,
                                            &upn_dns_info_blob);
        if (!NT_STATUS_IS_OK(nt_status)) {
                talloc_free(tmp_ctx);
+               if (NT_STATUS_EQUAL(nt_status,
+                                   NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
+                       return ENOENT;
+               }
                return EINVAL;
        }