diff options
author | Simo Sorce <idra@samba.org> | 2010-08-02 12:05:45 -0400 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2010-08-17 06:33:13 -0400 |
commit | 26a3ba60e661bc2eaf05a2c03f8851d252515d3e (patch) | |
tree | fd1d489a942448b990bcbfd071fd2c840131bdca /source3/rpc_client | |
parent | 9b8c7d47f98dffe961dc513f5452dfd72b508136 (diff) | |
download | samba-26a3ba60e661bc2eaf05a2c03f8851d252515d3e.tar.gz samba-26a3ba60e661bc2eaf05a2c03f8851d252515d3e.tar.bz2 samba-26a3ba60e661bc2eaf05a2c03f8851d252515d3e.zip |
s3-dcerpc: Check data and return appropriate error
Diffstat (limited to 'source3/rpc_client')
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 4ad442edaa..1bee2f875b 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -3433,7 +3433,8 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx, DATA_BLOB *session_key) { struct pipe_auth_data *a = cli->auth; - DATA_BLOB sk; + DATA_BLOB sk = data_blob_null; + bool make_dup; if (!session_key || !cli) { return NT_STATUS_INVALID_PARAMETER; @@ -3447,27 +3448,41 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx, case DCERPC_AUTH_TYPE_SCHANNEL: sk = data_blob_const(a->a_u.schannel_auth->creds->session_key, 16); + make_dup = true; break; case DCERPC_AUTH_TYPE_SPNEGO: sk = spnego_get_session_key(a->a_u.spnego_state); if (sk.length == 0) { return NT_STATUS_NO_USER_SESSION_KEY; } + make_dup = true; break; case DCERPC_AUTH_TYPE_NTLMSSP: sk = auth_ntlmssp_get_session_key(a->a_u.auth_ntlmssp_state); + make_dup = true; break; case DCERPC_AUTH_TYPE_KRB5: sk = gse_get_session_key(a->a_u.gssapi_state); + make_dup = true; break; case DCERPC_AUTH_TYPE_NONE: sk = data_blob_const(a->user_session_key.data, a->user_session_key.length); + make_dup = true; break; default: + break; + } + + if (!sk.data) { return NT_STATUS_NO_USER_SESSION_KEY; } - *session_key = data_blob_dup_talloc(mem_ctx, &sk); + if (make_dup) { + *session_key = data_blob_dup_talloc(mem_ctx, &sk); + } else { + *session_key = sk; + } + return NT_STATUS_OK; } |