summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2011-09-22 13:42:56 -0700
committerJeremy Allison <jra@samba.org>2011-09-23 03:19:46 +0200
commitf0f91d0117b2ccf778382e61a411b5e4f0ea2b14 (patch)
tree6f1c0d807c094844eaeca01d19bdb616be032a15 /source3/smbd
parentf236c539ad39932ee3c9a5df0276147a45dd1a42 (diff)
downloadsamba-f0f91d0117b2ccf778382e61a411b5e4f0ea2b14.tar.gz
samba-f0f91d0117b2ccf778382e61a411b5e4f0ea2b14.tar.bz2
samba-f0f91d0117b2ccf778382e61a411b5e4f0ea2b14.zip
Fix bug #8477 - Map to guest can return uninitialized blob of data.
Found by Codenomicon at SNIA SDC. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Sep 23 03:19:46 CEST 2011 on sn-devel-104
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/smb2_sesssetup.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 95badaf136..e645770014 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -58,7 +58,7 @@ NTSTATUS smbd_smb2_request_process_sesssetup(struct smbd_smb2_request *smb2req)
uint16_t out_session_flags;
uint64_t out_session_id;
uint16_t out_security_offset;
- DATA_BLOB out_security_buffer;
+ DATA_BLOB out_security_buffer = data_blob_null;
NTSTATUS status;
status = smbd_smb2_request_verify_sizes(smb2req, 0x19);
@@ -637,6 +637,8 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session,
{
NTSTATUS status;
+ *out_security_buffer = data_blob_null;
+
if (session->auth_ntlmssp_state == NULL) {
status = auth_ntlmssp_prepare(session->sconn->remote_address,
&session->auth_ntlmssp_state);