summaryrefslogtreecommitdiff
path: root/source3/auth/auth_script.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/auth/auth_script.c')
-rw-r--r--source3/auth/auth_script.c55
1 files changed, 45 insertions, 10 deletions
diff --git a/source3/auth/auth_script.c b/source3/auth/auth_script.c
index 4432ff4aec..dc8794bf16 100644
--- a/source3/auth/auth_script.c
+++ b/source3/auth/auth_script.c
@@ -74,32 +74,62 @@ static NTSTATUS script_check_user_credentials(const struct auth_context *auth_co
return NT_STATUS_NO_MEMORY;
}
- strlcpy( secret_str, user_info->mapped.domain_name, secret_str_len);
- strlcat( secret_str, "\n", secret_str_len);
- strlcat( secret_str, user_info->client.account_name, secret_str_len);
- strlcat( secret_str, "\n", secret_str_len);
+ if (strlcpy( secret_str, user_info->mapped.domain_name, secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ if (strlcat( secret_str, "\n", secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ if (strlcat( secret_str, user_info->client.account_name, secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ if (strlcat( secret_str, "\n", secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
for (i = 0; i < 8; i++) {
slprintf(&hex_str[i*2], 3, "%02X", auth_context->challenge.data[i]);
}
- strlcat( secret_str, hex_str, secret_str_len);
- strlcat( secret_str, "\n", secret_str_len);
+ if (strlcat( secret_str, hex_str, secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ if (strlcat( secret_str, "\n", secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
if (user_info->password.response.lanman.data) {
for (i = 0; i < 24; i++) {
slprintf(&hex_str[i*2], 3, "%02X", user_info->password.response.lanman.data[i]);
}
- strlcat( secret_str, hex_str, secret_str_len);
+ if (strlcat( secret_str, hex_str, secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ }
+ if (strlcat( secret_str, "\n", secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
}
- strlcat( secret_str, "\n", secret_str_len);
if (user_info->password.response.nt.data) {
for (i = 0; i < 24; i++) {
slprintf(&hex_str[i*2], 3, "%02X", user_info->password.response.nt.data[i]);
}
- strlcat( secret_str, hex_str, secret_str_len);
+ if (strlcat( secret_str, hex_str, secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ }
+ if (strlcat( secret_str, "\n", secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
}
- strlcat( secret_str, "\n", secret_str_len);
DEBUG(10,("script_check_user_credentials: running %s with parameters:\n%s\n",
script, secret_str ));
@@ -117,6 +147,11 @@ static NTSTATUS script_check_user_credentials(const struct auth_context *auth_co
/* Cause the auth system to keep going.... */
return NT_STATUS_NOT_IMPLEMENTED;
+
+ cat_out:
+
+ SAFE_FREE(secret_str);
+ return NT_STATUS_NO_MEMORY;
}
/* module initialisation */
generated by cgit (git 2.34.1) at 2024-07-10 02:29:07 +0000