diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-05-25 20:55:40 +1000 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2010-05-31 15:11:27 +0200 |
commit | d6fa371b92681a327a86239721fc5990d91ad74f (patch) | |
tree | 4f2cdef8f42b544a05237670bab6b0a5cca56f99 /source3/libsmb/smb_seal.c | |
parent | ebae21f0235b957c8faeeb51c926724909d353e9 (diff) | |
download | samba-d6fa371b92681a327a86239721fc5990d91ad74f.tar.gz samba-d6fa371b92681a327a86239721fc5990d91ad74f.tar.bz2 samba-d6fa371b92681a327a86239721fc5990d91ad74f.zip |
s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet()
This ensures the results can't be easily left to leak.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source3/libsmb/smb_seal.c')
-rw-r--r-- | source3/libsmb/smb_seal.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/source3/libsmb/smb_seal.c b/source3/libsmb/smb_seal.c index cff237bc8b..92d7fef651 100644 --- a/source3/libsmb/smb_seal.c +++ b/source3/libsmb/smb_seal.c @@ -117,13 +117,14 @@ NTSTATUS common_ntlm_encrypt_buffer(struct ntlmssp_state *ntlmssp_state, char *buf_out; size_t data_len = smb_len(buf) - 4; /* Ignore the 0xFF SMB bytes. */ DATA_BLOB sig; - + TALLOC_CTX *frame; *ppbuf_out = NULL; if (data_len == 0) { return NT_STATUS_BUFFER_TOO_SMALL; } + frame = talloc_stackframe(); /* * We know smb_len can't return a value > 128k, so no int overflow * check needed. @@ -140,6 +141,7 @@ NTSTATUS common_ntlm_encrypt_buffer(struct ntlmssp_state *ntlmssp_state, ZERO_STRUCT(sig); status = ntlmssp_seal_packet(ntlmssp_state, + frame, (unsigned char *)buf_out + 8 + NTLMSSP_SIG_SIZE, /* 4 byte len + 0xFF 'S' <enc> <ctx> */ data_len, (unsigned char *)buf_out + 8 + NTLMSSP_SIG_SIZE, @@ -147,14 +149,14 @@ NTSTATUS common_ntlm_encrypt_buffer(struct ntlmssp_state *ntlmssp_state, &sig); if (!NT_STATUS_IS_OK(status)) { - data_blob_free(&sig); + talloc_free(frame); SAFE_FREE(buf_out); return status; } /* First 16 data bytes are signature for SSPI compatibility. */ memcpy(buf_out + 8, sig.data, NTLMSSP_SIG_SIZE); - data_blob_free(&sig); + talloc_free(frame); *ppbuf_out = buf_out; return NT_STATUS_OK; } |