auth: Make sure that creds_out is initialized with NULL.

This is an additional patch for CVE-2015-0240.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32

Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c
index 6abb69b2e128b41b60c28010150ce2f0d4507d7f..d8d5f84cb3b848c80928fd1a6ba345cb7ccd9093 100644 (file)
--- a/libcli/auth/schannel_state_tdb.c
+++ b/libcli/auth/schannel_state_tdb.c
@@ -286,6 +286,10 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx,
        NTSTATUS status;
        int ret;
 
+       if (creds_out != NULL) {
+               *creds_out = NULL;
+       }
+
        tmpctx = talloc_named(mem_ctx, 0, "schannel_check_creds_state");
        if (!tmpctx) {
                return NT_STATUS_NO_MEMORY;