Fix bug #9213 - Bad ASN.1 NegTokenInit packet can cause invalid free.

Not the correct fix for the specific issue, but a general fix to
make sure this can never happen again.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 26 04:07:57 CEST 2012 on sn-devel-104

diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index a17efbf75b2eb7e2da287667a26e5cdd7ac49cc3..9b4f8f9637a2453bf1a2a1776b6ed3983a3e3168 100644 (file)
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -103,6 +103,10 @@ bool spnego_parse_negTokenInit(TALLOC_CTX *ctx,
        bool ret;
        ASN1_DATA *data;
 
+       for (i = 0; i < ASN1_MAX_OIDS; i++) {
+               OIDs[i] = NULL;
+       }
+
        data = asn1_init(talloc_tos());
        if (data == NULL) {
                return false;