From 8cd8aa6686c21e8c43a6d14c0ae1a21954d6e8cd Mon Sep 17 00:00:00 2001 From: Ira Cooper Date: Thu, 13 Feb 2014 14:45:23 -0500 Subject: [PATCH] libcli: Overflow array index read possible, in auth code. Changed the if condtion to detect when we'd improperly overflow. Coverity-Id: 1167990 Signed-off-by: Ira Cooper Reviewed-by: Stefan Metzmacher Autobuild-User(master): Ira Cooper Autobuild-Date(master): Mon Feb 24 11:56:38 CET 2014 on sn-devel-104 --- libcli/auth/netlogon_creds_cli.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c index d73335da1d6..472a45272c7 100644 --- a/libcli/auth/netlogon_creds_cli.c +++ b/libcli/auth/netlogon_creds_cli.c @@ -1770,7 +1770,7 @@ struct tevent_req *netlogon_creds_cli_ServerPasswordSet_send(TALLOC_CTX *mem_ctx uint32_t ofs = 512 - len; uint8_t *p; - if (ofs < 12) { + if (len > 500) { tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER_MIX); return tevent_req_post(req, ev); }