From fb235a3be6372e40ff7f7ebbcd7905a08cb04444 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Tue, 24 Jan 2012 14:41:30 -0800
Subject: s3: Fix bug #8674.

Buffer overflow issue with AES encryption in samba traffic analyzer.
---
 source3/modules/vfs_smb_traffic_analyzer.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'source3/modules')

diff --git a/source3/modules/vfs_smb_traffic_analyzer.c b/source3/modules/vfs_smb_traffic_analyzer.c
index 4d1ffbd06d..7b9a902e14 100644
--- a/source3/modules/vfs_smb_traffic_analyzer.c
+++ b/source3/modules/vfs_smb_traffic_analyzer.c
@@ -187,8 +187,7 @@ static char *smb_traffic_analyzer_encrypt( TALLOC_CTX *ctx,
 		samba_AES_encrypt((const unsigned char *) str+(16*h), crypted, &key);
 		for (d = 0; d<16; d++) output[d+(16*h)]=crypted[d];
 	}
-	samba_AES_encrypt( (const unsigned char *) str+(16*h), filler, &key );
-	for (d = 0;d < 16; d++) output[d+(16*h)]=*(filler+d);
+	samba_AES_encrypt(filler, (const unsigned char *)(output+(16*h)), &key);
 	*len = (s1*16)+16;
 	return output;	
 }
-- 
cgit