libcli: Pass buf/len to smb2_negotiate_context_add

Every caller did a data_blob_const() right before calling
smb2_negotiate_context_add(). Avoid that.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Feb 25 21:07:22 CET 2019 on sn-devel-144

diff --git a/libcli/smb/smb2_negotiate_context.c b/libcli/smb/smb2_negotiate_context.c
index 61c9e557e3392051014b068a5b37c46ab909d076..ac4a08e891076c98b06c8847fffd286f354636f4 100644 (file)
--- a/libcli/smb/smb2_negotiate_context.c
+++ b/libcli/smb/smb2_negotiate_context.c
@@ -39,7 +39,6 @@ NTSTATUS smb2_negotiate_context_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB buffe
        while (true) {
                uint16_t data_length;
                uint16_t type;
-               DATA_BLOB b;
                NTSTATUS status;
                size_t pad;
                uint32_t next_offset;
@@ -58,8 +57,8 @@ NTSTATUS smb2_negotiate_context_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB buffe
                        return NT_STATUS_INVALID_PARAMETER;
                }
 
-               b = data_blob_const(data+0x08, data_length);
-               status = smb2_negotiate_context_add(mem_ctx, contexts, type, b);
+               status = smb2_negotiate_context_add(
+                       mem_ctx, contexts, type, data+0x08, data_length);
                if (!NT_STATUS_IS_OK(status)) {
                        return status;
                }
@@ -148,8 +147,11 @@ NTSTATUS smb2_negotiate_context_push(TALLOC_CTX *mem_ctx, DATA_BLOB *buffer,
        return NT_STATUS_OK;
 }
 
-NTSTATUS smb2_negotiate_context_add(TALLOC_CTX *mem_ctx, struct smb2_negotiate_contexts *c,
-                                   uint16_t type, DATA_BLOB data)
+NTSTATUS smb2_negotiate_context_add(TALLOC_CTX *mem_ctx,
+                                   struct smb2_negotiate_contexts *c,
+                                   uint16_t type,
+                                   const uint8_t *buf,
+                                   size_t buflen)
 {
        struct smb2_negotiate_context *array;
 
@@ -161,10 +163,9 @@ NTSTATUS smb2_negotiate_context_add(TALLOC_CTX *mem_ctx, struct smb2_negotiate_c
 
        c->contexts[c->num_contexts].type = type;
 
-       if (data.data) {
-               c->contexts[c->num_contexts].data = data_blob_talloc(c->contexts,
-                                                                    data.data,
-                                                                    data.length);
+       if (buf != NULL) {
+               c->contexts[c->num_contexts].data = data_blob_talloc(
+                       c->contexts, buf, buflen);
                NT_STATUS_HAVE_NO_MEMORY(c->contexts[c->num_contexts].data.data);
        } else {
                c->contexts[c->num_contexts].data = data_blob_null;

diff --git a/libcli/smb/smb2_negotiate_context.h b/libcli/smb/smb2_negotiate_context.h
index 55aa032665ea54e74dff6a8abe68fce113e0d799..998cf90f5b8d67623bbbd69025c0887b2734c646 100644 (file)
--- a/libcli/smb/smb2_negotiate_context.h
+++ b/libcli/smb/smb2_negotiate_context.h
@@ -42,8 +42,11 @@ NTSTATUS smb2_negotiate_context_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB buffe
 NTSTATUS smb2_negotiate_context_push(TALLOC_CTX *mem_ctx, DATA_BLOB *buffer,
                               const struct smb2_negotiate_contexts contexts);
 
-NTSTATUS smb2_negotiate_context_add(TALLOC_CTX *mem_ctx, struct smb2_negotiate_contexts *c,
-                                   uint16_t type, DATA_BLOB data);
+NTSTATUS smb2_negotiate_context_add(TALLOC_CTX *mem_ctx,
+                                   struct smb2_negotiate_contexts *c,
+                                   uint16_t type,
+                                   const uint8_t *buf,
+                                   size_t buflen);
 
 /*
  * return the first context with the given tag

diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 2455b6deacd71718d53bd0c52166e82aa87046c2..9105b7c84a41631ee552764eb3b11172c2c8d091 100644 (file)
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -4768,9 +4768,8 @@ static struct tevent_req *smbXcli_negprot_smb2_subreq(struct smbXcli_negprot_sta
                SSVAL(p, 4, SMB2_PREAUTH_INTEGRITY_SHA512);
                generate_random_buffer(p + 6, 32);
 
-               b = data_blob_const(p, 38);
-               status = smb2_negotiate_context_add(state, &c,
-                                       SMB2_PREAUTH_INTEGRITY_CAPABILITIES, b);
+               status = smb2_negotiate_context_add(
+                       state, &c, SMB2_PREAUTH_INTEGRITY_CAPABILITIES, p, 38);
                if (!NT_STATUS_IS_OK(status)) {
                        return NULL;
                }
@@ -4783,9 +4782,8 @@ static struct tevent_req *smbXcli_negprot_smb2_subreq(struct smbXcli_negprot_sta
                SSVAL(p, 2, SMB2_ENCRYPTION_AES128_CCM);
                SSVAL(p, 4, SMB2_ENCRYPTION_AES128_GCM);
 
-               b = data_blob_const(p, 6);
-               status = smb2_negotiate_context_add(state, &c,
-                                       SMB2_ENCRYPTION_CAPABILITIES, b);
+               status = smb2_negotiate_context_add(
+                       state, &c, SMB2_ENCRYPTION_CAPABILITIES, p, 6);
                if (!NT_STATUS_IS_OK(status)) {
                        return NULL;
                }

diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 835c25dea55660506828d4e4c61ebae41db02b4e..528d3f8cc7482b19c6728761fc4e3c08e0ab1433 100644 (file)
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -388,7 +388,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
                uint16_t selected_preauth = 0;
                const uint8_t *p;
                uint8_t buf[38];
-               DATA_BLOB b;
                size_t i;
 
                if (in_preauth->data.length < needed) {
@@ -435,9 +434,12 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
                SSVAL(buf, 4, selected_preauth);
                generate_random_buffer(buf + 6, 32);
 
-               b = data_blob_const(buf, sizeof(buf));
-               status = smb2_negotiate_context_add(req, &out_c,
-                                       SMB2_PREAUTH_INTEGRITY_CAPABILITIES, b);
+               status = smb2_negotiate_context_add(
+                       req,
+                       &out_c,
+                       SMB2_PREAUTH_INTEGRITY_CAPABILITIES,
+                       buf,
+                       sizeof(buf));
                if (!NT_STATUS_IS_OK(status)) {
                        return smbd_smb2_request_error(req, status);
                }
@@ -450,7 +452,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
                uint16_t cipher_count;
                const uint8_t *p;
                uint8_t buf[4];
-               DATA_BLOB b;
                size_t i;
                bool aes_128_ccm_supported = false;
                bool aes_128_gcm_supported = false;
@@ -504,9 +505,12 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
                SSVAL(buf, 0, 1); /* ChiperCount */
                SSVAL(buf, 2, xconn->smb2.server.cipher);
 
-               b = data_blob_const(buf, sizeof(buf));
-               status = smb2_negotiate_context_add(req, &out_c,
-                                       SMB2_ENCRYPTION_CAPABILITIES, b);
+               status = smb2_negotiate_context_add(
+                       req,
+                       &out_c,
+                       SMB2_ENCRYPTION_CAPABILITIES,
+                       buf,
+                       sizeof(buf));
                if (!NT_STATUS_IS_OK(status)) {
                        return smbd_smb2_request_error(req, status);
                }