s3:libsmb: make sure cli->secblob.length is 8 if we get a challenge

author Stefan Metzmacher <metze@samba.org>

Tue, 13 Sep 2011 19:13:21 +0000 (21:13 +0200)

committer Stefan Metzmacher <metze@samba.org>

Thu, 15 Sep 2011 10:12:26 +0000 (12:12 +0200)
author Stefan Metzmacher <metze@samba.org>
Tue, 13 Sep 2011 19:13:21 +0000 (21:13 +0200)
committer Stefan Metzmacher <metze@samba.org>
Thu, 15 Sep 2011 10:12:26 +0000 (12:12 +0200)
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c

index 5449fcf3129555463e64d4bc2d80ff0c9d25651f..77d122cf9cbe51b6d13d5a0fd885533a0f3c4288 100644 (file)
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -2690,7 +2690,7 @@ static void cli_negprot_done(struct tevent_req *subreq)
                 if (server_capabilities & CAP_EXTENDED_SECURITY) {
                         cli->secblob = data_blob(bytes, num_bytes);
                 } else {
-                       cli->secblob = data_blob(bytes, num_bytes);
+                       cli->secblob = data_blob(bytes, MIN(num_bytes, 8));
                         /* work out if they sent us a workgroup */
                         if (num_bytes > 8) {
                                 ssize_t ret;
@@ -2749,7 +2749,7 @@ static void cli_negprot_done(struct tevent_req *subreq)
                         (char *)(vwv + 8), cli->serverzone);
                 server_readbraw = ((SVAL(vwv + 5, 0) & 0x1) != 0);
                 server_writebraw = ((SVAL(vwv + 5, 0) & 0x2) != 0);
-               cli->secblob = data_blob(bytes, num_bytes);
+               cli->secblob = data_blob(bytes, MIN(num_bytes, 8));
         } else {
                 /* the old core protocol */
                 cli->serverzone = get_time_zone(time(NULL));
author	Stefan Metzmacher <metze@samba.org>
	Tue, 13 Sep 2011 19:13:21 +0000 (21:13 +0200)
committer	Stefan Metzmacher <metze@samba.org>
	Thu, 15 Sep 2011 10:12:26 +0000 (12:12 +0200)