Description: fix code execution vulnerability in smbd daemon
Origin: https://www.samba.org/samba/ftp/patches/security/samba-4.1.16-CVE-2015-0240.patch
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11077
Index: samba-4.1.13+dfsg/source3/rpc_server/netlogon/srv_netlog_nt.c
===================================================================
--- samba-4.1.13+dfsg.orig/source3/rpc_server/netlogon/srv_netlog_nt.c 2013-12-05 04:18:10.000000000 -0500
+++ samba-4.1.13+dfsg/source3/rpc_server/netlogon/srv_netlog_nt.c 2015-02-23 08:36:37.431736338 -0500
@@ -1101,6 +1101,10 @@
 bool schannel_global_required = (lp_server_schannel() == true) ? true:false;
 struct loadparm_context *lp_ctx;
+ if (creds_out != NULL) {
+ *creds_out = NULL;
+ }
+
 if (schannel_global_required) {
 status = schannel_check_required(&p->auth, computer_name,
@@ -1258,7 +1262,7 @@
 {
 NTSTATUS status = NT_STATUS_OK;
 int i;
- struct netlogon_creds_CredentialState *creds;
+ struct netlogon_creds_CredentialState *creds = NULL;
 DEBUG(5,("_netr_ServerPasswordSet: %d\n", __LINE__));
@@ -1271,9 +1275,14 @@
 unbecome_root();
 if (!NT_STATUS_IS_OK(status)) {
+ const char *computer_name = "";
+
+ if (creds != NULL && creds->computer_name != NULL) {
+ computer_name = creds->computer_name;
+ }
 DEBUG(2,("_netr_ServerPasswordSet: netlogon_creds_server_step failed. Rejecting auth " "request from client %s machine account %s\n",
- r->in.computer_name, creds->computer_name));
+ r->in.computer_name, computer_name));
 TALLOC_FREE(creds);
 return status;
 }
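Review bot: The out-parameter reset added at the top of this function (`if (creds_out != NULL) { *creds_out = NULL; }`) sets up a contract that is not written down: after any failure return, `*creds_out` is NULL and safe to hand to `TALLOC_FREE()`. I would add a comment above it, for example `/* Clear *creds_out up front: callers free it on every error path, so it must never be left uninitialized. */`. The function's signature and its later return paths are outside the hunk, so it is worth confirming that no later path stores a pointer in `*creds_out`, frees it, and then returns an error with the stale value still visible to the caller. Only `_netr_ServerPasswordSet` gains a `= NULL` initializer in this patch (second hunk); any other caller that declares `creds` without one presumably depends entirely on this reset, which is another reason to document it.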
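Review bot: In the failure branch of `_netr_ServerPasswordSet`, the fallback `const char *computer_name = "";` makes the level-2 log line end in `machine account ` with nothing after it, which is easy to misread when triaging rejected netlogon authentications. A visible placeholder such as `const char *computer_name = "<unknown>";` keeps the message unambiguous and gives log searches a fixed token to match. A one-line comment above the NULL test, e.g. `/* creds may still be NULL here if the credential check failed before producing a state */`, would record why the guard exists. That reason is inferred from the first hunk, since the callee's body is not shown here.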