summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2009-04-20 10:54:57 +0200
committerAndrew Bartlett <abartlet@samba.org>2009-04-20 10:54:57 +0200
commit02ecdd8f292812b886ea3ae3d69d0e221346f9e7 (patch)
tree6ea40a1e7001377b6c2b75c2fa0b3e04af713057
parent7a54cd041e04f901af5e73b9e57b9cff4e182955 (diff)
downloadsamba-02ecdd8f292812b886ea3ae3d69d0e221346f9e7.tar.gz
samba-02ecdd8f292812b886ea3ae3d69d0e221346f9e7.tar.bz2
samba-02ecdd8f292812b886ea3ae3d69d0e221346f9e7.zip
libcli/auth: Don't pass back lm_sess_key as the same pointer as user_sess_key
This ensures that a talloc_free() of both pointers won't double-free (sharing pointers like this is evil anyway). Andrew Bartlett
-rw-r--r--libcli/auth/ntlm_check.c20
1 files changed, 7 insertions, 13 deletions
diff --git a/libcli/auth/ntlm_check.c b/libcli/auth/ntlm_check.c
index 5ad03cfe12..2cfe8e1ef8 100644
--- a/libcli/auth/ntlm_check.c
+++ b/libcli/auth/ntlm_check.c
@@ -356,9 +356,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
client_domain,
false,
user_sess_key)) {
- *lm_sess_key = *user_sess_key;
if (user_sess_key->length) {
- lm_sess_key->length = 8;
+ *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
}
return NT_STATUS_OK;
}
@@ -371,9 +370,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
client_domain,
true,
user_sess_key)) {
- *lm_sess_key = *user_sess_key;
if (user_sess_key->length) {
- lm_sess_key->length = 8;
+ *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
}
return NT_STATUS_OK;
}
@@ -386,9 +384,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
"",
false,
user_sess_key)) {
- *lm_sess_key = *user_sess_key;
if (user_sess_key->length) {
- lm_sess_key->length = 8;
+ *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
}
return NT_STATUS_OK;
} else {
@@ -408,7 +405,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
so use it only if we otherwise allow LM authentication */
if (lanman_auth && stored_lanman) {
- *lm_sess_key = data_blob_talloc(mem_ctx, stored_lanman->hash, 8);
+ *lm_sess_key = data_blob_talloc(mem_ctx, stored_lanman->hash, MIN(8, user_sess_key->length));
}
return NT_STATUS_OK;
} else {
@@ -497,9 +494,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
/* Otherwise, use the LMv2 session key */
*user_sess_key = tmp_sess_key;
}
- *lm_sess_key = *user_sess_key;
if (user_sess_key->length) {
- lm_sess_key->length = 8;
+ *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
}
return NT_STATUS_OK;
}
@@ -528,9 +524,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
/* Otherwise, use the LMv2 session key */
*user_sess_key = tmp_sess_key;
}
- *lm_sess_key = *user_sess_key;
if (user_sess_key->length) {
- lm_sess_key->length = 8;
+ *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
}
return NT_STATUS_OK;
}
@@ -559,9 +554,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
/* Otherwise, use the LMv2 session key */
*user_sess_key = tmp_sess_key;
}
- *lm_sess_key = *user_sess_key;
if (user_sess_key->length) {
- lm_sess_key->length = 8;
+ *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
}
return NT_STATUS_OK;
}