diff options
| author | Jeremy Allison <jra@samba.org> | 2011-09-20 18:50:00 -0700 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2011-09-21 05:24:59 +0200 |
| commit | ad3ac7e3c0bdf9b93c6b831f29452fd63fe0818b (patch) | |
| tree | 10c3558fe201464c47963a4ad72c4c4808179c5f /source3/libsmb | |
| parent | 9881712a09b2579047dcca6c22f9e919029455d4 (diff) | |
| download | samba-ad3ac7e3c0bdf9b93c6b831f29452fd63fe0818b.tar.gz samba-ad3ac7e3c0bdf9b93c6b831f29452fd63fe0818b.tar.bz2 samba-ad3ac7e3c0bdf9b93c6b831f29452fd63fe0818b.zip | |
Try and fix bug #8472 - Crash in asn.1 parsing code.
Found by Codenomicon at the SNIA plugfest. Don't keep going
in the loop when reading the OIDs fail.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Sep 21 05:24:59 CEST 2011 on sn-devel-104
Diffstat (limited to 'source3/libsmb')
| -rw-r--r-- | source3/libsmb/clispnego.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c index 4581ce4026..d584f9f4ab 100644 --- a/source3/libsmb/clispnego.c +++ b/source3/libsmb/clispnego.c @@ -126,7 +126,12 @@ bool spnego_parse_negTokenInit(TALLOC_CTX *ctx, asn1_start_tag(data,ASN1_CONTEXT(0)); asn1_start_tag(data,ASN1_SEQUENCE(0)); for (i=0; asn1_tag_remaining(data) > 0 && i < ASN1_MAX_OIDS-1; i++) { - asn1_read_OID(data,ctx, &OIDs[i]); + if (!asn1_read_OID(data,ctx, &OIDs[i])) { + break; + } + if (data->has_error) { + break; + } } OIDs[i] = NULL; asn1_end_tag(data); |