From 9e15786d093ac984262394510333cb3c3d512e1a Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 11 Nov 2014 15:23:02 +1300
Subject: [PATCH] CVE-2014-8143:auth: Force talloc type of session_info pointer
 to match

This helps us keep things safe in LDB where we put this in a opaque pointer.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Andrew Bartlett

Change-Id: I46fe53ba655ca0810c276b72fbca524884cdf22d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---
 source4/auth/session.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/source4/auth/session.c b/source4/auth/session.c
index bb0b5bca636..8c853021a1e 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -204,6 +204,11 @@ struct auth_session_info *auth_session_info_from_transport(TALLOC_CTX *mem_ctx,
 {
 	struct auth_session_info *session_info;
 	session_info = talloc_steal(mem_ctx, session_info_transport->session_info);
+	/*
+	 * This is to allow us to check the type of this pointer using
+	 * talloc_get_type()
+	 */
+	talloc_set_name(session_info, "struct auth_session_info");
 #ifdef HAVE_GSS_IMPORT_CRED
 	if (session_info_transport->exported_gssapi_credentials.length) {
 		struct cli_credentials *creds;
-- 
2.11.4.GIT