[s3] CID 1433607 Out-of-bounds-write
Swen Schillig
swen at vnet.ibm.com
Wed Jun 13 09:04:51 UTC 2018
Please review and push if happy.
Cheers Swen
-------------- next part --------------
From 738797868db63e492192b0af93e241ea6d382ea2 Mon Sep 17 00:00:00 2001
From: Swen Schillig <swen at vnet.ibm.com>
Date: Fri, 25 May 2018 09:36:01 +0200
Subject: [PATCH] [s3] CID 1433607 Out-of-bounds-write
Remove the out-of-bounds-write.
Either the terminating 0-byte was written during initialization (n<16)
or it will be handled by the following code-segment (n == MAX_NETBIOSNAME_LEN)
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
---
source3/libsmb/nmblib.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/source3/libsmb/nmblib.c b/source3/libsmb/nmblib.c
index ef6177e5209..2bd893b01c2 100644
--- a/source3/libsmb/nmblib.c
+++ b/source3/libsmb/nmblib.c
@@ -212,7 +212,6 @@ static int parse_nmb_name(char *inbuf,int ofs,int length, struct nmb_name *name)
name->name[n++] = (c1<<4) | c2;
m -= 2;
}
- name->name[n] = 0;
if (n==MAX_NETBIOSNAME_LEN) {
/* parse out the name type, its always
--
2.14.4
More information about the samba-technical
mailing list