[PATCH] Fix null pointer dereference in smbd
Jeremy Allison
jra at samba.org
Thu Apr 27 23:30:45 UTC 2017
On Fri, Apr 28, 2017 at 07:04:59AM +1200, Andrew Bartlett via samba-technical wrote:
> On Fri, 2017-04-28 at 06:54 +1200, Gary Lockyer via samba-technical
> wrote:
> > Test and fix for null pointer dereference in sesssetup.c, introduced
> > in
> > the auth logging changes.
> >
> > Review and push appreciated
>
> To be clear, as well as memory allocation failure, this can happen when
> NTLMv2 is attempted without NLTMSSP, due to this block:
>
> if (!allow_raw && nt_resp.length >= 48) {
> /*
> * NTLMv2_RESPONSE has at least 48 bytes
> * and should only be supported via NTLMSSP.
> */
> DEBUG(2,("Rejecting raw NTLMv2 authentication with "
> "user [%s\\%s] from[%s]\n",
> client_domain, smb_name,
> tsocket_address_string(remote_address, mem_ctx)));
> return NT_STATUS_INVALID_PARAMETER;
> }
>
>
>
> Reviewed-by: Andrew Bartlett <abartlet at samba.org>
>
> Can I get a second team review please?
LGTM. Pushed !
More information about the samba-technical
mailing list