[PATCH] Fix null pointer dereference in smbd

Jeremy Allison jra at samba.org
Thu Apr 27 23:30:45 UTC 2017


On Fri, Apr 28, 2017 at 07:04:59AM +1200, Andrew Bartlett via samba-technical wrote:
> On Fri, 2017-04-28 at 06:54 +1200, Gary Lockyer via samba-technical
> wrote:
> > Test and fix for null pointer dereference in sesssetup.c, introduced
> > in
> > the auth logging changes.
> > 
> > Review and push appreciated
> 
> To be clear, as well as memory allocation failure, this can happen when
> NTLMv2 is attempted without NLTMSSP, due to this block:
> 
> 	if (!allow_raw && nt_resp.length >= 48) {
> 		/*
> 		 * NTLMv2_RESPONSE has at least 48 bytes
> 		 * and should only be supported via NTLMSSP.
> 		 */
> 		DEBUG(2,("Rejecting raw NTLMv2 authentication with "
> 			 "user [%s\\%s] from[%s]\n",
> 			 client_domain, smb_name,
> 			 tsocket_address_string(remote_address, mem_ctx)));
> 		return NT_STATUS_INVALID_PARAMETER;
> 	}
> 
> 
> 
> Reviewed-by: Andrew Bartlett <abartlet at samba.org>
> 
> Can I get a second team review please?

LGTM. Pushed !



More information about the samba-technical mailing list