summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-06-07 08:50:21 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:56:35 -0500
commitbd40d94a05e5f3353b54b2cc94d76c58be7e3766 (patch)
tree3dc76e19ecb027ab0a7821c90de8f91638d30856
parent6d5a47aa9b9b0b7228fa13b4b1096caa5f32abb9 (diff)
downloadsamba-bd40d94a05e5f3353b54b2cc94d76c58be7e3766.tar.gz
samba-bd40d94a05e5f3353b54b2cc94d76c58be7e3766.tar.bz2
samba-bd40d94a05e5f3353b54b2cc94d76c58be7e3766.zip
r1060: check for an invalid session key in samr_set_password()
(This used to be commit 5a90187c2cb7521cb7931355e5cf2f11d55a4ad0)
-rw-r--r--source4/rpc_server/samr/samr_password.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index 95e783f072..d5f995feb8 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -695,6 +695,11 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call,
uint32_t new_pass_len;
DATA_BLOB session_key = dce_call->conn->session_key;
+ if (session_key.length == 0) {
+ DEBUG(3,("Bad session key in samr_set_password\n"));
+ return NT_STATUS_WRONG_PASSWORD;
+ }
+
arcfour_crypt_blob(pwbuf->data, 516, &session_key);
if (!decode_pw_buffer(pwbuf->data, new_pass, sizeof(new_pass),