1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

s3: lib: nmblib. Clean up and harden nmb packet processing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14239
OSS-FUZZ: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20156
OSS-FUZZ: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20157

Credit to oss-fuzz.
No security implications.

Signed-off-by: Jeremy Allison <jra@samba.org>
Pair programmed with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 21 23:33:41 UTC 2020 on sn-devel-184
This commit is contained in:
Jeremy Allison 2020-01-17 13:49:48 -08:00
parent a39c4d9bed
commit ad236bb759

View File

@ -192,10 +192,14 @@ static int parse_nmb_name(char *inbuf,int ofs,int length, struct nmb_name *name)
m = ubuf[offset];
if (!m)
return(0);
if ((m & 0xC0) || offset+m+2 > length)
return(0);
/* m must be 32 to exactly fill in the 16 bytes of the netbios name */
if (m != 32) {
return 0;
}
/* Cannot go past length. */
if (offset+m+2 > length) {
return 0;
}
memset((char *)name,'\0',sizeof(*name));