possible bug in chgpasswd.c/smbdes.c

Gerald Carter gcarter at valinux.com
Thu Jul 19 14:35:47 GMT 2001

On Thu, 19 Jul 2001, Simo Sorce wrote:

> Seem that check_oem_password function in smbd/chgpasswd.c calls
> SamOEMhash function in libsmb/smbdes.c with a val of 516 an this may
> be a bug in either check_oem_password or SamOEMhash. The last for
> cicle in SamOEMhash increments ind and index_i from 0 to 516, but
> s_box[] indexed by index_i is only 256 chars long. So I think index_i
> goes out of buffer boundaries at half the for cicle, and we also
> modify that region. This function seem to be called only when syncing
> unix passwords when changing password. can anyone confirm it? or have
> I missed something?

Is something not working?  I mean are you tracking down a bug or just

Cheers, jerry
 http://www.valinux.com/     VA Linux Systems      gcarter at valinux.com
 http://www.samba.org/          SAMBA Team             jerry at samba.org
 http://www.plainjoe.org/                           jerry at plainjoe.org
 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--

More information about the samba-technical mailing list