summaryrefslogtreecommitdiff
path: root/source4/libcli/util
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-06-19 08:15:41 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:56:44 -0500
commitbf598954f75bfd924b9aa22649975b372c74a49e (patch)
tree10395f5e51d75c68b2adb667dc00a1931a44705b /source4/libcli/util
parentbc2fd488f1ad6116ba71fe793cc4444b8cd3c7a2 (diff)
downloadsamba-bf598954f75bfd924b9aa22649975b372c74a49e.tar.gz
samba-bf598954f75bfd924b9aa22649975b372c74a49e.tar.bz2
samba-bf598954f75bfd924b9aa22649975b372c74a49e.zip
r1198: Merge the Samba 3.0 ntlm_auth, including the kerberos and SPENGO parts.
I have moved the SPNEGO and Kerberos code into libcli/auth, and intend to refactor them into the same format as NTLMSSP. Andrew Bartlett (This used to be commit 58da78a7460d5d0a4abee7d7b84799c228e6bc0b)
Diffstat (limited to 'source4/libcli/util')
-rw-r--r--source4/libcli/util/asn1.c35
1 files changed, 24 insertions, 11 deletions
diff --git a/source4/libcli/util/asn1.c b/source4/libcli/util/asn1.c
index ddefe0baa6..05bc5eace8 100644
--- a/source4/libcli/util/asn1.c
+++ b/source4/libcli/util/asn1.c
@@ -219,6 +219,11 @@ BOOL asn1_load(ASN1_DATA *data, DATA_BLOB blob)
/* read from a ASN1 buffer, advancing the buffer pointer */
BOOL asn1_read(ASN1_DATA *data, void *p, int len)
{
+ if (len < 0 || data->ofs + len < data->ofs || data->ofs + len < len) {
+ data->has_error = True;
+ return False;
+ }
+
if (data->ofs + len > data->length) {
data->has_error = True;
return False;
@@ -315,17 +320,17 @@ int asn1_tag_remaining(ASN1_DATA *data)
BOOL asn1_read_OID(ASN1_DATA *data, char **OID)
{
uint8_t b;
- pstring aoid;
- fstring el;
+ char *oid = NULL;
+ TALLOC_CTX *mem_ctx = talloc_init("asn1_read_OID");
+ if (!mem_ctx) {
+ return False;
+ }
if (!asn1_start_tag(data, ASN1_OID)) return False;
asn1_read_uint8(data, &b);
- aoid[0] = 0;
- snprintf(el, sizeof(el), "%u", b/40);
- pstrcat(aoid, el);
- snprintf(el, sizeof(el), " %u", b%40);
- pstrcat(aoid, el);
+ oid = talloc_asprintf_append(mem_ctx, oid, "%u", b/40);
+ oid = talloc_asprintf_append(mem_ctx, oid, " %u", b%40);
while (asn1_tag_remaining(data) > 0) {
uint_t v = 0;
@@ -333,15 +338,15 @@ BOOL asn1_read_OID(ASN1_DATA *data, char **OID)
asn1_read_uint8(data, &b);
v = (v<<7) | (b&0x7f);
} while (!data->has_error && b & 0x80);
- snprintf(el, sizeof(el), " %u", v);
- pstrcat(aoid, el);
+ oid = talloc_asprintf_append(mem_ctx, oid, " %u", v);
}
asn1_end_tag(data);
- *OID = strdup(aoid);
+ *OID = strdup(oid);
+ talloc_destroy(mem_ctx);
- return !data->has_error;
+ return (*OID && !data->has_error);
}
/* check that the next object ID is correct */
@@ -365,6 +370,10 @@ BOOL asn1_read_GeneralString(ASN1_DATA *data, char **s)
int len;
if (!asn1_start_tag(data, ASN1_GENERAL_STRING)) return False;
len = asn1_tag_remaining(data);
+ if (len < 0) {
+ data->has_error = True;
+ return False;
+ }
*s = malloc(len+1);
if (! *s) {
data->has_error = True;
@@ -383,6 +392,10 @@ BOOL asn1_read_OctetString(ASN1_DATA *data, DATA_BLOB *blob)
ZERO_STRUCTP(blob);
if (!asn1_start_tag(data, ASN1_OCTET_STRING)) return False;
len = asn1_tag_remaining(data);
+ if (len < 0) {
+ data->has_error = True;
+ return False;
+ }
*blob = data_blob(NULL, len);
asn1_read(data, blob->data, len);
asn1_end_tag(data);