summaryrefslogtreecommitdiff
path: root/source4/libcli
diff options
context:
space:
mode:
Diffstat (limited to 'source4/libcli')
-rw-r--r--source4/libcli/auth/ntlmssp_parse.c6
-rw-r--r--source4/libcli/raw/rawrequest.c17
-rw-r--r--source4/libcli/util/smbencrypt.c39
3 files changed, 37 insertions, 25 deletions
diff --git a/source4/libcli/auth/ntlmssp_parse.c b/source4/libcli/auth/ntlmssp_parse.c
index 8edadf50f5..9c4cc40acf 100644
--- a/source4/libcli/auth/ntlmssp_parse.c
+++ b/source4/libcli/auth/ntlmssp_parse.c
@@ -236,7 +236,7 @@ BOOL msrpc_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob,
return False;
if (0 < len1) {
- pull_string(NULL, p, blob->data + ptr, sizeof(p),
+ pull_string(p, blob->data + ptr, sizeof(p),
len1,
STR_UNICODE|STR_NOALIGN);
(*ps) = talloc_strdup(mem_ctx, p);
@@ -267,7 +267,7 @@ BOOL msrpc_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob,
return False;
if (0 < len1) {
- pull_string(NULL, p, blob->data + ptr, sizeof(p),
+ pull_string(p, blob->data + ptr, sizeof(p),
len1,
STR_ASCII|STR_NOALIGN);
(*ps) = talloc_strdup(mem_ctx, p);
@@ -322,7 +322,7 @@ BOOL msrpc_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob,
if (blob->data + head_ofs < (uint8_t *)head_ofs || blob->data + head_ofs < blob->data)
return False;
- head_ofs += pull_string(NULL, p, blob->data+head_ofs, sizeof(p),
+ head_ofs += pull_string(p, blob->data+head_ofs, sizeof(p),
blob->length - head_ofs,
STR_ASCII|STR_TERMINATE);
if (strcmp(s, p) != 0) {
diff --git a/source4/libcli/raw/rawrequest.c b/source4/libcli/raw/rawrequest.c
index 6536af3072..1ff36d0a8d 100644
--- a/source4/libcli/raw/rawrequest.c
+++ b/source4/libcli/raw/rawrequest.c
@@ -369,13 +369,14 @@ size_t smbcli_req_append_string(struct smbcli_request *req, const char *str, uin
smbcli_req_grow_allocation(req, len + req->out.data_size);
- len = push_string(NULL, req->out.data + req->out.data_size, str, len, flags);
+ len = push_string(req->out.data + req->out.data_size, str, len, flags);
smbcli_req_grow_data(req, len + req->out.data_size);
return len;
}
+
/*
this is like smbcli_req_append_string but it also return the
non-terminated string byte length, which can be less than the number
@@ -528,7 +529,7 @@ static size_t smbcli_req_pull_ucs2(struct smbcli_request *req, TALLOC_CTX *mem_c
return 0;
}
- ret = convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, src, src_len2, (const void **)dest);
+ ret = convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, src, src_len2, (void **)dest);
if (ret == -1) {
*dest = NULL;
return 0;
@@ -570,7 +571,7 @@ size_t smbcli_req_pull_ascii(struct smbcli_request *req, TALLOC_CTX *mem_ctx,
src_len2++;
}
- ret = convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX, src, src_len2, (const void **)dest);
+ ret = convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX, src, src_len2, (void **)dest);
if (ret == -1) {
*dest = NULL;
@@ -696,6 +697,7 @@ static size_t smbcli_blob_pull_ucs2(TALLOC_CTX* mem_ctx,
{
int src_len, src_len2, alignment=0;
ssize_t ret;
+ char *dest2;
if (src < (const char *)blob->data ||
src >= (const char *)(blob->data + blob->length)) {
@@ -727,11 +729,12 @@ static size_t smbcli_blob_pull_ucs2(TALLOC_CTX* mem_ctx,
src_len2 += 2;
}
- ret = convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, src, src_len2, (const void **)dest);
+ ret = convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, src, src_len2, (void **)&dest2);
if (ret == -1) {
*dest = NULL;
return 0;
}
+ *dest = dest2;
return src_len2 + alignment;
}
@@ -755,6 +758,7 @@ static size_t smbcli_blob_pull_ascii(TALLOC_CTX *mem_ctx,
{
int src_len, src_len2;
ssize_t ret;
+ char *dest2;
src_len = blob->length - PTR_DIFF(src, blob->data);
if (src_len < 0) {
@@ -771,12 +775,13 @@ static size_t smbcli_blob_pull_ascii(TALLOC_CTX *mem_ctx,
src_len2++;
}
- ret = convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX, src, src_len2, (const void **)dest);
+ ret = convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX, src, src_len2, (void **)&dest2);
if (ret == -1) {
*dest = NULL;
return 0;
}
+ *dest = dest2;
return ret;
}
@@ -911,7 +916,7 @@ size_t smbcli_blob_append_string(struct smbcli_session *session,
return 0;
}
- len = push_string(NULL, blob->data + blob->length, str, max_len, flags);
+ len = push_string(blob->data + blob->length, str, max_len, flags);
blob->length += len;
diff --git a/source4/libcli/util/smbencrypt.c b/source4/libcli/util/smbencrypt.c
index a50b4edc88..f0dba16a5a 100644
--- a/source4/libcli/util/smbencrypt.c
+++ b/source4/libcli/util/smbencrypt.c
@@ -61,15 +61,17 @@ BOOL SMBencrypt(const char *passwd, const uint8_t *c8, uint8_t p24[24])
void E_md4hash(const char *passwd, uint8_t p16[16])
{
int len;
- smb_ucs2_t wpwd[129];
+ smb_ucs2_t *wpwd;
- /* Password must be converted to NT unicode - null terminated. */
- push_ucs2(NULL, wpwd, (const char *)passwd, 256, STR_UNICODE|STR_NOALIGN|STR_TERMINATE);
- /* Calculate length in bytes */
- len = strlen_w(wpwd) * sizeof(int16_t);
+ TALLOC_CTX *mem_ctx = talloc_init("E_md4hash");
+ SMB_ASSERT(mem_ctx);
+ len = push_ucs2_talloc(mem_ctx, &wpwd, passwd);
+ SMB_ASSERT(len >= 2);
+
+ len -= 2;
mdfour(p16, (uint8_t *)wpwd, len);
- ZERO_STRUCT(wpwd);
+ talloc_free(mem_ctx);
}
/**
@@ -114,16 +116,22 @@ BOOL ntv2_owf_gen(const uint8_t owf[16],
size_t domain_byte_len;
HMACMD5Context ctx;
+ TALLOC_CTX *mem_ctx = talloc_init("ntv2_owf_gen for %s\\%s", domain_in, user_in);
+ if (!mem_ctx) {
+ return False;
+ }
- user_byte_len = push_ucs2_allocate(&user, user_in);
- if (user_byte_len == (size_t)-1) {
- DEBUG(0, ("push_uss2_allocate() for user returned -1 (probably malloc() failure)\n"));
+ user_byte_len = push_ucs2_talloc(mem_ctx, &user, user_in);
+ if (user_byte_len == (ssize_t)-1) {
+ DEBUG(0, ("push_uss2_talloc() for user returned -1 (probably talloc() failure)\n"));
+ talloc_free(mem_ctx);
return False;
}
- domain_byte_len = push_ucs2_allocate(&domain, domain_in);
- if (domain_byte_len == (size_t)-1) {
- DEBUG(0, ("push_uss2_allocate() for domain returned -1 (probably malloc() failure)\n"));
+ domain_byte_len = push_ucs2_talloc(mem_ctx, &domain, domain_in);
+ if (domain_byte_len == (ssize_t)-1) {
+ DEBUG(0, ("push_ucs2_talloc() for domain returned -1 (probably talloc() failure)\n"));
+ talloc_free(mem_ctx);
return False;
}
@@ -152,8 +160,7 @@ BOOL ntv2_owf_gen(const uint8_t owf[16],
dump_data(100, kr_buf, 16);
#endif
- SAFE_FREE(user);
- SAFE_FREE(domain);
+ talloc_free(mem_ctx);
return True;
}
@@ -407,7 +414,7 @@ BOOL encode_pw_buffer(char buffer[516], const char *password, int string_flags)
uint8_t new_pw[512];
size_t new_pw_len;
- new_pw_len = push_string(NULL, new_pw,
+ new_pw_len = push_string(new_pw,
password,
sizeof(new_pw), string_flags);
@@ -459,7 +466,7 @@ BOOL decode_pw_buffer(char in_buffer[516], char *new_pwrd,
}
/* decode into the return buffer. Buffer length supplied */
- *new_pw_len = pull_string(NULL, new_pwrd, &in_buffer[512 - byte_len], new_pwrd_size,
+ *new_pw_len = pull_string(new_pwrd, &in_buffer[512 - byte_len], new_pwrd_size,
byte_len, string_flags);
#ifdef DEBUG_PASSWORD
generated by cgit (git 2.34.1) at 2024-07-08 09:40:17 +0000