possible bug in chgpasswd.c/smbdes.c
Gerald Carter
gcarter at valinux.com
Thu Jul 19 14:35:47 GMT 2001
On Thu, 19 Jul 2001, Simo Sorce wrote:
> Seem that check_oem_password function in smbd/chgpasswd.c calls
> SamOEMhash function in libsmb/smbdes.c with a val of 516 an this may
> be a bug in either check_oem_password or SamOEMhash. The last for
> cicle in SamOEMhash increments ind and index_i from 0 to 516, but
> s_box[] indexed by index_i is only 256 chars long. So I think index_i
> goes out of buffer boundaries at half the for cicle, and we also
> modify that region. This function seem to be called only when syncing
> unix passwords when changing password. can anyone confirm it? or have
> I missed something?
Is something not working? I mean are you tracking down a bug or just
curious?
Cheers, jerry
---------------------------------------------------------------------
http://www.valinux.com/ VA Linux Systems gcarter at valinux.com
http://www.samba.org/ SAMBA Team jerry at samba.org
http://www.plainjoe.org/ jerry at plainjoe.org
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--
More information about the samba-technical
mailing list