auth: Make sure that creds_out is initialized with NULL.

This is an additional patch for CVE-2015-0240.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32

Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c
index ca35a11abe09f6420eec33c73447caa6b3b78e9e..145005c3a8d3ca026fdc72e73ffd4a1c7e762d97 100644 (file)
--- a/libcli/auth/schannel_state_tdb.c
+++ b/libcli/auth/schannel_state_tdb.c
@@ -285,6 +285,10 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx,
        NTSTATUS status;
        int ret;
 
+       if (creds_out != NULL) {
+               *creds_out = NULL;
+       }
+
        tmpctx = talloc_named(mem_ctx, 0, "schannel_check_creds_state");
        if (!tmpctx) {
                return NT_STATUS_NO_MEMORY;