[PATCH 0/1] MR5286: kerberos: Allocate memory for the returned token if requested. - Wine-gitlab - list.winehq.org

newer
[PATCH 0/1] MR5287: d2d1: Make...

[PATCH 0/1] MR5286: kerberos: Allocate memory for the returned token if requested.

older
Re: [PATCH v6 0/5] MR4971:...

Dmitry Timoshkov (＠dmitry)

12 Mar 2024 12 Mar '24

8:43 a.m.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=56400 -- https://gitlab.winehq.org/wine/wine/-/merge_requests/5286

Reply

Sign in to reply online Use email software

Show replies by date

Dmitry Timoshkov

12 Mar 12 Mar

8:43 a.m.

New subject: [PATCH 1/1] kerberos: Allocate memory for the returned token if requested.

From: Dmitry Timoshkov <dmitry(a)baikal.ru> Signed-off-by: Dmitry Timoshkov <dmitry(a)baikal.ru> --- dlls/kerberos/krb5_ap.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c index ae68c4b90c2..e224a3c86ee 100644 --- a/dlls/kerberos/krb5_ap.c +++ b/dlls/kerberos/krb5_ap.c @@ -477,7 +477,7 @@ static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential, { static const ULONG supported = ISC_REQ_CONFIDENTIALITY | ISC_REQ_INTEGRITY | ISC_REQ_SEQUENCE_DETECT | ISC_REQ_REPLAY_DETECT | ISC_REQ_MUTUAL_AUTH | ISC_REQ_USE_DCE_STYLE | - ISC_REQ_IDENTIFY | ISC_REQ_CONNECTION | ISC_REQ_DELEGATE; + ISC_REQ_IDENTIFY | ISC_REQ_CONNECTION | ISC_REQ_DELEGATE | ISC_REQ_ALLOCATE_MEMORY; char *target = NULL; NTSTATUS status; ULONG exptime; @@ -513,6 +513,11 @@ static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential, } if ((idx = get_buffer_index( output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + if (context_req & ISC_REQ_ALLOCATE_MEMORY) + { + output->pBuffers[idx].pvBuffer = RtlAllocateHeap( GetProcessHeap(), 0, KERBEROS_MAX_BUF ); + output->pBuffers[idx].cbBuffer = KERBEROS_MAX_BUF; + } params.output_token = output->pBuffers[idx].pvBuffer; params.output_token_length = &output->pBuffers[idx].cbBuffer; -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/5286

Reply

Sign in to reply online Use email software

Hans Leidekker (＠hans)

9:10 a.m.

Hans Leidekker (@hans) commented about dlls/kerberos/krb5_ap.c:

}

if ((idx = get_buffer_index( output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + if (context_req & ISC_REQ_ALLOCATE_MEMORY) + { + output->pBuffers[idx].pvBuffer = RtlAllocateHeap( GetProcessHeap(), 0, KERBEROS_MAX_BUF ); + output->pBuffers[idx].cbBuffer = KERBEROS_MAX_BUF; + }

Can you add a check for allocation failure? We should should probably return ISC_RET_ALLOCATED_MEMORY in context_attr when ISC_REQ_ALLOCATE_MEMORY was passed. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/5286#note_64349

Reply

Sign in to reply online Use email software

Dmitry Timoshkov (＠dmitry)

9:29 a.m.

Can you add a check for allocation failure?

Sure.

We should probably return ISC_RET_ALLOCATED_MEMORY in context_attr when ISC_REQ_ALLOCATE_MEMORY was passed.

Sounds reasonable, MSDN suggests that's the correct behaviour. Thanks! -- https://gitlab.winehq.org/wine/wine/-/merge_requests/5286#note_64350

Reply

Sign in to reply online Use email software

647

Age (days ago)

647

Last active (days ago)

Download

3 comments

3 participants

tags

participants (3)

Dmitry Timoshkov
Dmitry Timoshkov (＠dmitry)
Hans Leidekker (＠hans)