From: Dmitry Timoshkov dmitry@baikal.ru
Signed-off-by: Dmitry Timoshkov dmitry@baikal.ru --- dlls/kerberos/krb5_ap.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c index ae68c4b90c2..e224a3c86ee 100644 --- a/dlls/kerberos/krb5_ap.c +++ b/dlls/kerberos/krb5_ap.c @@ -477,7 +477,7 @@ static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential, { static const ULONG supported = ISC_REQ_CONFIDENTIALITY | ISC_REQ_INTEGRITY | ISC_REQ_SEQUENCE_DETECT | ISC_REQ_REPLAY_DETECT | ISC_REQ_MUTUAL_AUTH | ISC_REQ_USE_DCE_STYLE | - ISC_REQ_IDENTIFY | ISC_REQ_CONNECTION | ISC_REQ_DELEGATE; + ISC_REQ_IDENTIFY | ISC_REQ_CONNECTION | ISC_REQ_DELEGATE | ISC_REQ_ALLOCATE_MEMORY; char *target = NULL; NTSTATUS status; ULONG exptime; @@ -513,6 +513,11 @@ static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential, }
if ((idx = get_buffer_index( output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + if (context_req & ISC_REQ_ALLOCATE_MEMORY) + { + output->pBuffers[idx].pvBuffer = RtlAllocateHeap( GetProcessHeap(), 0, KERBEROS_MAX_BUF ); + output->pBuffers[idx].cbBuffer = KERBEROS_MAX_BUF; + } params.output_token = output->pBuffers[idx].pvBuffer; params.output_token_length = &output->pBuffers[idx].cbBuffer;
Hans Leidekker (@hans) commented about dlls/kerberos/krb5_ap.c:
} if ((idx = get_buffer_index( output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
if (context_req & ISC_REQ_ALLOCATE_MEMORY){output->pBuffers[idx].pvBuffer = RtlAllocateHeap( GetProcessHeap(), 0, KERBEROS_MAX_BUF );output->pBuffers[idx].cbBuffer = KERBEROS_MAX_BUF;}
Can you add a check for allocation failure? We should should probably return ISC_RET_ALLOCATED_MEMORY in context_attr when ISC_REQ_ALLOCATE_MEMORY was passed.
Can you add a check for allocation failure?
Sure.
We should probably return ISC_RET_ALLOCATED_MEMORY in context_attr when ISC_REQ_ALLOCATE_MEMORY was passed.
Sounds reasonable, MSDN suggests that's the correct behaviour.
Thanks!
-
Dmitry Timoshkov -
Dmitry Timoshkov (@dmitry)
-
Hans Leidekker (@hans)