libcli: Overflow array index read possible, in auth code.

Changed the if condtion to detect when we'd improperly overflow.

Coverity-Id: 1167990
Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Mon Feb 24 11:56:38 CET 2014 on sn-devel-104

diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index d73335da1d62906872189e163e18e642fed383ec..472a45272c7dd2fd910ec5f503da23345a23acec 100644 (file)
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -1770,7 +1770,7 @@ struct tevent_req *netlogon_creds_cli_ServerPasswordSet_send(TALLOC_CTX *mem_ctx
                uint32_t ofs = 512 - len;
                uint8_t *p;
 
-               if (ofs < 12) {
+               if (len > 500) {
                        tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER_MIX);
                        return tevent_req_post(req, ev);
                }