sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00
Code

CVE-2018-10858: libsmb: Ensure smbc_urlencode() can't overwrite passed in buffer.

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453

CVE-2018-10858: Insufficient input validation on client directory
		listing in libsmbclient.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Jeremy Allison 2018-06-15 15:07:17 -07:00 committed by Karolin Seeger
parent 30428f36f7
commit 6936d3e2f2
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
source3/libsmb/libsmb_path.c
View File

@ -173,8 +173,13 @@ smbc_urlencode(char *dest,
}
}
*dest++ = '\0';
max_dest_len--;
if (max_dest_len == 0) {
/* Ensure we return -1 if no null termination. */
return -1;
}
*dest++ = '\0';
max_dest_len--;
return max_dest_len;
}