fix 0052-CVE-2022-24883.patch -- it stopped applying after dropping patch 0051.
This commit is contained in:
Tobias Frost
parent
326341043d
commit
180fc8f332
30
debian/patches/0052-CVE-2022-24883.patch
vendored
30
debian/patches/0052-CVE-2022-24883.patch
vendored
@ -13,7 +13,7 @@ Subject: [PATCH] Cleaned up ntlm_fetch_ntlm_v2_hash
|
||||
|
||||
--- a/winpr/libwinpr/sspi/NTLM/ntlm_compute.c
|
||||
+++ b/winpr/libwinpr/sspi/NTLM/ntlm_compute.c
|
||||
@@ -282,10 +282,11 @@
|
||||
@@ -206,59 +206,48 @@
|
||||
ntlm_current_time(context->Timestamp);
|
||||
}
|
||||
|
||||
@ -25,10 +25,7 @@ Subject: [PATCH] Cleaned up ntlm_fetch_ntlm_v2_hash
|
||||
+ BOOL rc = FALSE;
|
||||
+ WINPR_SAM* sam = NULL;
|
||||
+ WINPR_SAM_ENTRY* entry = NULL;
|
||||
SSPI_CREDENTIALS* credentials;
|
||||
|
||||
WINPR_ASSERT(context);
|
||||
@@ -295,48 +296,39 @@
|
||||
SSPI_CREDENTIALS* credentials = context->credentials;
|
||||
sam = SamOpen(context->SamFile, TRUE);
|
||||
|
||||
if (!sam)
|
||||
@ -45,7 +42,7 @@ Subject: [PATCH] Cleaned up ntlm_fetch_ntlm_v2_hash
|
||||
+ if (!entry)
|
||||
{
|
||||
-#ifdef WITH_DEBUG_NTLM
|
||||
- WLog_VRB(TAG, "NTLM Hash:");
|
||||
- WLog_DBG(TAG, "NTLM Hash:");
|
||||
- winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16);
|
||||
-#endif
|
||||
- NTOWFv2FromHashW(entry->NtHash, (LPWSTR)credentials->identity.User,
|
||||
@ -57,16 +54,17 @@ Subject: [PATCH] Cleaned up ntlm_fetch_ntlm_v2_hash
|
||||
+ entry = SamLookupUserW(sam, (LPWSTR)credentials->identity.User,
|
||||
+ credentials->identity.UserLength * sizeof(WCHAR), NULL, 0);
|
||||
}
|
||||
|
||||
- entry = SamLookupUserW(sam, (LPWSTR)credentials->identity.User,
|
||||
- credentials->identity.UserLength * 2, NULL, 0);
|
||||
+
|
||||
+ if (!entry)
|
||||
+ goto fail;
|
||||
|
||||
- entry = SamLookupUserW(sam, (LPWSTR)credentials->identity.User,
|
||||
- credentials->identity.UserLength * 2, NULL, 0);
|
||||
-
|
||||
- if (entry)
|
||||
- {
|
||||
#ifdef WITH_DEBUG_NTLM
|
||||
WLog_VRB(TAG, "NTLM Hash:");
|
||||
WLog_DBG(TAG, "NTLM Hash:");
|
||||
winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16);
|
||||
#endif
|
||||
- NTOWFv2FromHashW(entry->NtHash, (LPWSTR)credentials->identity.User,
|
||||
@ -79,6 +77,10 @@ Subject: [PATCH] Cleaned up ntlm_fetch_ntlm_v2_hash
|
||||
- else
|
||||
- {
|
||||
- SamClose(sam);
|
||||
- WLog_ERR(TAG, "Error: Could not find user in SAM database");
|
||||
- return 0;
|
||||
- }
|
||||
|
||||
+ NTOWFv2FromHashW(entry->NtHash, (LPWSTR)credentials->identity.User,
|
||||
+ credentials->identity.UserLength * sizeof(WCHAR),
|
||||
+ (LPWSTR)credentials->identity.Domain,
|
||||
@ -88,12 +90,10 @@ Subject: [PATCH] Cleaned up ntlm_fetch_ntlm_v2_hash
|
||||
+
|
||||
+fail:
|
||||
+ SamFreeEntry(sam, entry);
|
||||
+ SamClose(sam);
|
||||
SamClose(sam);
|
||||
- return 1;
|
||||
+ if (!rc)
|
||||
WLog_ERR(TAG, "Error: Could not find user in SAM database");
|
||||
- return 0;
|
||||
- }
|
||||
+
|
||||
+ WLog_ERR(TAG, "Error: Could not find user in SAM database");
|
||||
+ return rc;
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user