diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-06-07 08:50:21 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:56:35 -0500 |
commit | bd40d94a05e5f3353b54b2cc94d76c58be7e3766 (patch) | |
tree | 3dc76e19ecb027ab0a7821c90de8f91638d30856 /source4/rpc_server/samr | |
parent | 6d5a47aa9b9b0b7228fa13b4b1096caa5f32abb9 (diff) | |
download | samba-bd40d94a05e5f3353b54b2cc94d76c58be7e3766.tar.gz samba-bd40d94a05e5f3353b54b2cc94d76c58be7e3766.tar.bz2 samba-bd40d94a05e5f3353b54b2cc94d76c58be7e3766.zip |
r1060: check for an invalid session key in samr_set_password()
(This used to be commit 5a90187c2cb7521cb7931355e5cf2f11d55a4ad0)
Diffstat (limited to 'source4/rpc_server/samr')
-rw-r--r-- | source4/rpc_server/samr/samr_password.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c index 95e783f072..d5f995feb8 100644 --- a/source4/rpc_server/samr/samr_password.c +++ b/source4/rpc_server/samr/samr_password.c @@ -695,6 +695,11 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call, uint32_t new_pass_len; DATA_BLOB session_key = dce_call->conn->session_key; + if (session_key.length == 0) { + DEBUG(3,("Bad session key in samr_set_password\n")); + return NT_STATUS_WRONG_PASSWORD; + } + arcfour_crypt_blob(pwbuf->data, 516, &session_key); if (!decode_pw_buffer(pwbuf->data, new_pass, sizeof(new_pass), |