From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Thu, 16 Jun 2022 03:32:49 +0000 (+1200)
Subject: CVE-2022-2031 third_party/heimdal: Check generate_pac() return code
X-Git-Tag: samba-4.17.0rc1~311
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2872ccc931c9b601807f91cadc614dcf7c174c8f;p=thirdparty%2Fsamba.git

CVE-2022-2031 third_party/heimdal: Check generate_pac() return code

If the function fails, we should not issue a ticket missing the PAC.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
---

diff --git a/third_party/heimdal/kdc/kerberos5.c b/third_party/heimdal/kdc/kerberos5.c
index e95bdad0a64..0a7934310cc 100644
--- a/third_party/heimdal/kdc/kerberos5.c
+++ b/third_party/heimdal/kdc/kerberos5.c
@@ -2668,7 +2668,9 @@ _kdc_as_rep(astgs_request_t r)
 
     /* Add the PAC */
     if (!r->et.flags.anonymous) {
-	generate_pac(r, skey, krbtgt_key, is_tgs);
+	ret = generate_pac(r, skey, krbtgt_key, is_tgs);
+	if (ret)
+	    goto out;
     }
 
     if (r->client->flags.synthetic) {