diff options
author | Jeremy Allison <jra@samba.org> | 2012-01-24 14:41:30 -0800 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2012-01-25 01:38:06 +0100 |
commit | fb235a3be6372e40ff7f7ebbcd7905a08cb04444 (patch) | |
tree | 5f4b501d83e0a19f2826ce2efd3021a8c1310e52 | |
parent | 4444612b86717bea95edd66ded5bdfc6bc5f7bc2 (diff) | |
download | samba-fb235a3be6372e40ff7f7ebbcd7905a08cb04444.tar.gz samba-fb235a3be6372e40ff7f7ebbcd7905a08cb04444.tar.bz2 samba-fb235a3be6372e40ff7f7ebbcd7905a08cb04444.zip |
s3: Fix bug #8674.
Buffer overflow issue with AES encryption in samba traffic analyzer.
-rw-r--r-- | source3/modules/vfs_smb_traffic_analyzer.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/source3/modules/vfs_smb_traffic_analyzer.c b/source3/modules/vfs_smb_traffic_analyzer.c index 4d1ffbd06d..7b9a902e14 100644 --- a/source3/modules/vfs_smb_traffic_analyzer.c +++ b/source3/modules/vfs_smb_traffic_analyzer.c @@ -187,8 +187,7 @@ static char *smb_traffic_analyzer_encrypt( TALLOC_CTX *ctx, samba_AES_encrypt((const unsigned char *) str+(16*h), crypted, &key); for (d = 0; d<16; d++) output[d+(16*h)]=crypted[d]; } - samba_AES_encrypt( (const unsigned char *) str+(16*h), filler, &key ); - for (d = 0;d < 16; d++) output[d+(16*h)]=*(filler+d); + samba_AES_encrypt(filler, (const unsigned char *)(output+(16*h)), &key); *len = (s1*16)+16; return output; } |