From 4b828cef359ecdbeb21373290e8ebbae09896f44 Mon Sep 17 00:00:00 2001 From: Isaac Boukris Date: Mon, 10 Aug 2015 22:27:59 +0300 Subject: [PATCH 1/3] Avoid NULL dereference of 'actual_mech_type' The actual_mech is not promised till we complet the context. This fix a segfault when creating a SecurityContext with SPNEGO mech. --- gssapi/raw/sec_contexts.pyx | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/gssapi/raw/sec_contexts.pyx b/gssapi/raw/sec_contexts.pyx index 80e20cb2..e1e3ee85 100644 --- a/gssapi/raw/sec_contexts.pyx +++ b/gssapi/raw/sec_contexts.pyx @@ -204,7 +204,7 @@ flags=None, lifetime=None, channel_bindings=None, input_token=None) input_token_buffer.value = input_token input_token_buffer.length = len(input_token) - cdef gss_OID actual_mech_type + cdef gss_OID actual_mech_type = GSS_C_NO_OID; cdef gss_buffer_desc output_token_buffer = gss_buffer_desc(0, NULL) cdef OM_uint32 ret_flags cdef OM_uint32 output_ttl @@ -232,7 +232,9 @@ flags=None, lifetime=None, channel_bindings=None, input_token=None) cdef OID output_mech_type = OID() if maj_stat == GSS_S_COMPLETE or maj_stat == GSS_S_CONTINUE_NEEDED: - output_mech_type.raw_oid = actual_mech_type[0] + if actual_mech_type: + output_mech_type.raw_oid = actual_mech_type[0] + return InitSecContextResult(output_context, output_mech_type, IntEnumFlagSet(RequirementFlag, ret_flags), output_token, From f03de7c85fdf0db348926b6840d888cf37edb40a Mon Sep 17 00:00:00 2001 From: Isaac Boukris Date: Mon, 10 Aug 2015 22:34:12 +0300 Subject: [PATCH 2/3] Clean unreachable code Seem trivial, silents compiler warning: warning: gssapi/raw/sec_contexts.pyx:367:8: Unreachable code --- gssapi/raw/sec_contexts.pyx | 1 - 1 file changed, 1 deletion(-) diff --git a/gssapi/raw/sec_contexts.pyx b/gssapi/raw/sec_contexts.pyx index e1e3ee85..a373a53c 100644 --- a/gssapi/raw/sec_contexts.pyx +++ b/gssapi/raw/sec_contexts.pyx @@ -364,7 +364,6 @@ channel_bindings=None) ret_flags), output_ttl_py, oc, maj_stat == GSS_S_CONTINUE_NEEDED) - return res else: raise GSSError(maj_stat, min_stat, token=output_token) From adc4b6b87a435c06e0729c38c27fe4df8e288ef3 Mon Sep 17 00:00:00 2001 From: Isaac Boukris Date: Mon, 10 Aug 2015 23:14:12 +0300 Subject: [PATCH 3/3] fixup for commit 4b828ce --- gssapi/raw/sec_contexts.pyx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gssapi/raw/sec_contexts.pyx b/gssapi/raw/sec_contexts.pyx index a373a53c..e585bd9e 100644 --- a/gssapi/raw/sec_contexts.pyx +++ b/gssapi/raw/sec_contexts.pyx @@ -204,7 +204,7 @@ flags=None, lifetime=None, channel_bindings=None, input_token=None) input_token_buffer.value = input_token input_token_buffer.length = len(input_token) - cdef gss_OID actual_mech_type = GSS_C_NO_OID; + cdef gss_OID actual_mech_type = GSS_C_NO_OID cdef gss_buffer_desc output_token_buffer = gss_buffer_desc(0, NULL) cdef OM_uint32 ret_flags cdef OM_uint32 output_ttl @@ -232,7 +232,7 @@ flags=None, lifetime=None, channel_bindings=None, input_token=None) cdef OID output_mech_type = OID() if maj_stat == GSS_S_COMPLETE or maj_stat == GSS_S_CONTINUE_NEEDED: - if actual_mech_type: + if actual_mech_type is not GSS_C_NO_OID: output_mech_type.raw_oid = actual_mech_type[0] return InitSecContextResult(output_context, output_mech_type,