CVE-2021-20251 auth4: Return only the result message and free the sur…

…rounding result BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611 Signed-off-by: Andrew Bartlett <[email protected]> Reviewed-by: Joseph Sutton <[email protected]> Reviewed-by: Andreas Schneider <[email protected]>
portalarchitects · Sep 12, 2022 · b954acf · b954acf
1 parent 4a9e0fd
commit b954acf
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/selftest/knownfail.d/auth-sam b/selftest/knownfail.d/auth-sam
@@ -1,4 +1,3 @@
-^samba.unittests.auth.sam.test_reread_account_not_locked.none
 ^samba.unittests.auth.sam.test_success_accounting_add_control_failed.none
 ^samba.unittests.auth.sam.test_success_accounting_build_mod_req_failed.none
 ^samba.unittests.auth.sam.test_success_accounting_commit_failed.none

diff --git a/source4/auth/sam.c b/source4/auth/sam.c
@@ -885,7 +885,8 @@ NTSTATUS authsam_reread_user_logon_data(
 		TALLOC_FREE(res);
 		return NT_STATUS_ACCOUNT_LOCKED_OUT;
 	}
-	*current = res->msgs[0];
+	*current = talloc_steal(mem_ctx, res->msgs[0]);
+	TALLOC_FREE(res);
 	return NT_STATUS_OK;
 }