-rw-r--r--source3/smbd/sesssetup.c40
1 files changed, 21 insertions, 19 deletions
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 0e8483c81e..8ca012ff24 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -1491,30 +1491,32 @@ void reply_sesssetup_and_X(connection_struct *conn, struct smb_request *req)
lm_resp = data_blob(p, passlen1);
nt_resp = data_blob(p+passlen1, passlen2);
} else {
- pstring pass;
+ char *pass = NULL;
bool unic= smb_flag2 & FLAGS2_UNICODE_STRINGS;
-#if 0
- /* This was the previous fix. Not sure if it's still
- * valid. JRA. */
- if ((ra_type == RA_WINNT) && (passlen2 == 0)
- && unic && passlen1) {
- /* NT4.0 stuffs up plaintext unicode password
- * lengths... */
- srvstr_pull(inbuf, pass, smb_buf(inbuf) + 1,
- sizeof(pass), passlen1, STR_TERMINATE);
-#endif
-
if (unic && (passlen2 == 0) && passlen1) {
/* Only a ascii plaintext password was sent. */
- srvstr_pull(req->inbuf, req->flags2, pass,
- smb_buf(req->inbuf), sizeof(pass),
- passlen1, STR_TERMINATE|STR_ASCII);
+ (void)srvstr_pull_talloc(talloc_tos(),
+ req->inbuf,
+ req->flags2,
+ &pass,
+ smb_buf(req->inbuf),
+ passlen1,
+ STR_TERMINATE|STR_ASCII);
} else {
- srvstr_pull(req->inbuf, req->flags2, pass,
- smb_buf(req->inbuf), sizeof(pass),
- unic ? passlen2 : passlen1,
- STR_TERMINATE);
+ (void)srvstr_pull_talloc(talloc_tos(),
+ req->inbuf,
+ req->flags2,
+ &pass,
+ smb_buf(req->inbuf),
+ unic ? passlen2 : passlen1,
+ STR_TERMINATE);
+ }
+ if (!pass) {
+ reply_nterror(req, nt_status_squash(
+ NT_STATUS_INVALID_PARAMETER));
+ END_PROFILE(SMBsesssetupX);
+ return;
}
plaintext_password = data_blob(pass, strlen(pass)+1);
}
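Review bot: The cleartext password pulled into `pass` stays in talloc_tos() memory after `data_blob(pass, strlen(pass)+1)` copies it, and nothing visible in the hunk wipes or frees it, so a second copy of the password remains until that talloc frame is released. Consider adding `memset(pass, 0, strlen(pass));` followed by `TALLOC_FREE(pass);` right after the data_blob() call; the removed on-stack pstring left the same kind of residue, so this is hardening rather than a regression. Separately, `passlen1`/`passlen2` are passed as the source length to srvstr_pull_talloc() and appear to come from the request, but the hunk does not show them being checked against the bytes actually received; that check presumably sits earlier in reply_sesssetup_and_X, whose body starts and ends outside this hunk, and is worth confirming. Because the return value is discarded with `(void)`, the `!pass` branch also reports an allocation failure as NT_STATUS_INVALID_PARAMETER, which may deserve a short comment.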