[PATCH] Fix null pointer dereference in smbd

Andrew Bartlett abartlet at samba.org
Thu Apr 27 19:04:59 UTC 2017

On Fri, 2017-04-28 at 06:54 +1200, Gary Lockyer via samba-technical
> Test and fix for null pointer dereference in sesssetup.c, introduced
> in
> the auth logging changes.
> Review and push appreciated

To be clear, as well as memory allocation failure, this can happen when
NTLMv2 is attempted without NLTMSSP, due to this block:

	if (!allow_raw && nt_resp.length >= 48) {
		 * NTLMv2_RESPONSE has at least 48 bytes
		 * and should only be supported via NTLMSSP.
		DEBUG(2,("Rejecting raw NTLMv2 authentication with "
			 "user [%s\\%s] from[%s]\n",
			 client_domain, smb_name,
			 tsocket_address_string(remote_address, mem_ctx)));

Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Can I get a second team review please?


Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba-technical mailing list