summaryrefslogtreecommitdiff
path: root/source3/libsmb
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2011-09-20 18:50:00 -0700
committerJeremy Allison <jra@samba.org>2011-09-21 05:24:59 +0200
commitad3ac7e3c0bdf9b93c6b831f29452fd63fe0818b (patch)
tree10c3558fe201464c47963a4ad72c4c4808179c5f /source3/libsmb
parent9881712a09b2579047dcca6c22f9e919029455d4 (diff)
downloadsamba-ad3ac7e3c0bdf9b93c6b831f29452fd63fe0818b.tar.gz
samba-ad3ac7e3c0bdf9b93c6b831f29452fd63fe0818b.tar.bz2
samba-ad3ac7e3c0bdf9b93c6b831f29452fd63fe0818b.zip
Try and fix bug #8472 - Crash in asn.1 parsing code.
Found by Codenomicon at the SNIA plugfest. Don't keep going in the loop when reading the OIDs fail. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Sep 21 05:24:59 CEST 2011 on sn-devel-104
Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/clispnego.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 4581ce4026..d584f9f4ab 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -126,7 +126,12 @@ bool spnego_parse_negTokenInit(TALLOC_CTX *ctx,
asn1_start_tag(data,ASN1_CONTEXT(0));
asn1_start_tag(data,ASN1_SEQUENCE(0));
for (i=0; asn1_tag_remaining(data) > 0 && i < ASN1_MAX_OIDS-1; i++) {
- asn1_read_OID(data,ctx, &OIDs[i]);
+ if (!asn1_read_OID(data,ctx, &OIDs[i])) {
+ break;
+ }
+ if (data->has_error) {
+ break;
+ }
}
OIDs[i] = NULL;
asn1_end_tag(data);