From 8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379 Mon Sep 17 00:00:00 2001
From: Jeffrey Bencteux <jbe@improsec.com>
Date: Sat, 19 Mar 2022 13:41:15 -0400
Subject: [PATCH] mount.cifs: fix verbose messages on option parsing
When verbose logging is enabled, invalid credentials file lines may be
dumped to stderr. This may lead to information disclosure in particular
conditions when the credentials file given is sensitive and contains '='
signs.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15026
Signed-off-by: Jeffrey Bencteux <jbe@improsec.com>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Upstream-Status: Backport [https://git.samba.org/?p=cifs-utils.git;a=commit;h=8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379]
CVE: CVE-2022-29869
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
---
mount.cifs.c | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/mount.cifs.c b/mount.cifs.c
index 3a6b449..2278995 100644
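--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -628,17 +628,13 @@ static int open_cred_file(char *file_name,
 goto return_i;
 break;
 case CRED_DOM:
- if (parsed_info->verboseflag)
- fprintf(stderr, "domain=%s\n",
- temp_val);
 strlcpy(parsed_info->domain, temp_val,
 sizeof(parsed_info->domain));
 break;
 case CRED_UNPARSEABLE:
 if (parsed_info->verboseflag)
 fprintf(stderr, "Credential formatted "
- "incorrectly: %s\n",
- temp_val ? temp_val : "(null)");
+ "incorrectly\n");
 break;
 }
 }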
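Review bot: The `CRED_DOM` branch still discards the return value of `strlcpy`, so a domain value longer than `parsed_info->domain` is truncated silently and the mount proceeds with a different domain than the credentials file states. Consider checking it, e.g. `if (strlcpy(parsed_info->domain, temp_val, sizeof(parsed_info->domain)) >= sizeof(parsed_info->domain))` followed by an error exit through the existing `return_i` label, with a message that does not echo the value. With the content removed from the `CRED_UNPARSEABLE` message, a line number (if the parsing loop keeps one; not visible here) would keep the message useful for debugging without printing file contents. `open_cred_file` starts and ends outside the hunk, so the earlier cases should be checked for other verbose prints of `temp_val`.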
--
2.34.1