Bug #8683

SMB server should check tokens from authsvc

Added by Gordon Ross 30 days ago.

Status:NewStart date:2017-09-23
Priority:NormalDue date:
Assignee:Gordon Ross% Done:

0%

Category:-
Target version:-
Difficulty:Medium Tags:needs-triage

Description

If the user space smb deamon (smbd) constructs an authentication "token" in response to a "get token" request on the "authsvc" named pipe.
The client-side of that request is an SMB logon thread in the smbsrv driver, so that "token" will be unpacked in the smbsrv driver.
That means this object needs scrutiny similar to any other object coming into the kernel from user space, in case smbd
has a bug (or whatever) causing that token to be incompletely formed.

Fix is to check that all of the token is there when the client-side (in-kernel) gets that response.

Also available in: Atom