svn commit: samba r15609 - in trunk/source/libsmb: .
jra at samba.org
jra at samba.org
Mon May 15 04:47:09 GMT 2006
Author: jra
Date: 2006-05-15 04:47:08 +0000 (Mon, 15 May 2006)
New Revision: 15609
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15609
Log:
Fix Coverity #288 - possible null deref.
Jeremy.
Modified:
trunk/source/libsmb/cliconnect.c
Changeset:
Modified: trunk/source/libsmb/cliconnect.c
===================================================================
--- trunk/source/libsmb/cliconnect.c 2006-05-15 03:51:45 UTC (rev 15608)
+++ trunk/source/libsmb/cliconnect.c 2006-05-15 04:47:08 UTC (rev 15609)
@@ -922,6 +922,7 @@
/****************************************************************************
Send a tconX.
****************************************************************************/
+
BOOL cli_send_tconX(struct cli_state *cli,
const char *share, const char *dev, const char *pass, int passlen)
{
@@ -936,10 +937,13 @@
if (cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) {
passlen = 1;
pass = "";
+ } else if (!pass) {
+ DEBUG(1, ("Server not using user level security and no password supplied.\n"));
+ return False;
}
if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) &&
- pass && *pass && passlen != 24) {
+ *pass && passlen != 24) {
if (!lp_client_lanman_auth()) {
DEBUG(1, ("Server requested LANMAN password (share-level security) but 'client use lanman auth'"
" is disabled\n"));
@@ -965,7 +969,9 @@
passlen = clistr_push(cli, pword, pass, sizeof(pword), STR_TERMINATE);
} else {
- memcpy(pword, pass, passlen);
+ if (passlen) {
+ memcpy(pword, pass, passlen);
+ }
}
}
@@ -980,7 +986,9 @@
SSVAL(cli->outbuf,smb_vwv3,passlen);
p = smb_buf(cli->outbuf);
- memcpy(p,pword,passlen);
+ if (passlen) {
+ memcpy(p,pword,passlen);
+ }
p += passlen;
p += clistr_push(cli, p, fullshare, -1, STR_TERMINATE |STR_UPPER);
p += clistr_push(cli, p, dev, -1, STR_TERMINATE |STR_UPPER | STR_ASCII);
More information about the samba-cvs
mailing list