diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-09-16 14:37:20 +1000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2010-09-16 21:09:17 +1000 |
commit | 6832d5e9334f93d2b41fa50580379a2381311748 (patch) | |
tree | c4cb065d6ca93f4f367a2329b14a6eac90d163af /source3/smbd | |
parent | d5a4e53ad8dd572b9469530dfcd37601e2905a88 (diff) | |
download | samba-6832d5e9334f93d2b41fa50580379a2381311748.tar.gz samba-6832d5e9334f93d2b41fa50580379a2381311748.tar.bz2 samba-6832d5e9334f93d2b41fa50580379a2381311748.zip |
libcli/auth/ntlmssp Be clear about talloc parents for session keys
The previous API was not clear as to who owned the returned session key.
This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code,
and avoids making allocations - we steal and zero instead.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/sesssetup.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 58b446da17..0b999b348a 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -405,6 +405,7 @@ static void reply_spnego_kerberos(struct smb_request *req, } data_blob_free(&server_info->user_session_key); + /* Set the kerberos-derived session key onto the server_info */ server_info->user_session_key = session_key; talloc_steal(server_info, session_key.data); |