Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gssapi.raw.inquire_attrs_for_mech may segfault #148

Closed
simo5 opened this issue Mar 20, 2018 · 0 comments
Closed

gssapi.raw.inquire_attrs_for_mech may segfault #148

simo5 opened this issue Mar 20, 2018 · 0 comments
Labels
bug

Comments

@simo5
Copy link
Contributor

simo5 commented Mar 20, 2018
edited
Loading

When using this function gss_inquire_attrs_for_mech() is called.
This function can legally return GSS_S_COMPLETE with GSS_NO_OID_SET for both return arguments.
However we do not catch this case and try to build sets for both causing a seggault as soon as we try to check for mech_set.count inside of c_create_oid_set()

You can test this with MIT (any version) and GSS-NTLMSSP and this snippet:

import gssapi

ntlm_mech = gssapi.OID.from_int_seq("1.3.6.1.4.1.311.2.2.10")
gssapi.raw.inquire_attrs_for_mech(ntlm_mech)
@simo5 simo5 changed the title gssapi.raw.indicate_mechs_by_attrs may segfault gssapi.raw.inquire_attrs_for_mech may segfault Mar 20, 2018
@DirectXMan12 DirectXMan12 added this to the 1.4.2 milestone Mar 21, 2018
DirectXMan12 added a commit that referenced this issue Mar 21, 2018
@DirectXMan12
Handle GSS_C_NO_OID_SET when creating sets
3826b71 
Some methods can return GSS_C_NO_OID_SET on success, so we should handle
that in our set converter by returning the empty set.

Fixes #148
@DirectXMan12 DirectXMan12 mentioned this issue Mar 21, 2018
Merged
frozencemetery added a commit that referenced this issue Mar 21, 2018
@frozencemetery
[travis] Install gssntlmssp during testing
3323ab1 
This lets us test that the NTLM mechanism behaves correctly and
properly test #148.
frozencemetery added a commit that referenced this issue Mar 21, 2018
@frozencemetery
[travis] Install gssntlmssp during testing
1e1a318 
This lets us test that the NTLM mechanism behaves correctly and
properly test #148.
frozencemetery added a commit that referenced this issue Mar 21, 2018
@frozencemetery
[travis] Install gssntlmssp during testing
899acc4 
This lets us test that the NTLM mechanism behaves correctly and
properly test #148.
frozencemetery pushed a commit that referenced this issue Mar 26, 2018
@DirectXMan12 @frozencemetery
Handle GSS_C_NO_OID_SET when creating sets
85c563a 
Some methods can return GSS_C_NO_OID_SET on success, so we should handle
that in our set converter by returning the empty set.

Fixes #148
frozencemetery added a commit that referenced this issue Mar 26, 2018
@frozencemetery
[travis] Install gssntlmssp during testing
5e58d2e 
This lets us test that the NTLM mechanism behaves correctly and
properly test #148.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DirectXMan12 @simo5