From f0f91d0117b2ccf778382e61a411b5e4f0ea2b14 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 22 Sep 2011 13:42:56 -0700 Subject: Fix bug #8477 - Map to guest can return uninitialized blob of data. Found by Codenomicon at SNIA SDC. Autobuild-User: Jeremy Allison Autobuild-Date: Fri Sep 23 03:19:46 CEST 2011 on sn-devel-104 --- source3/smbd/smb2_sesssetup.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 95badaf136..e645770014 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -58,7 +58,7 @@ NTSTATUS smbd_smb2_request_process_sesssetup(struct smbd_smb2_request *smb2req) uint16_t out_session_flags; uint64_t out_session_id; uint16_t out_security_offset; - DATA_BLOB out_security_buffer; + DATA_BLOB out_security_buffer = data_blob_null; NTSTATUS status; status = smbd_smb2_request_verify_sizes(smb2req, 0x19); @@ -637,6 +637,8 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session, { NTSTATUS status; + *out_security_buffer = data_blob_null; + if (session->auth_ntlmssp_state == NULL) { status = auth_ntlmssp_prepare(session->sconn->remote_address, &session->auth_ntlmssp_state); -- cgit