sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-27 22:50:26 +03:00
Code

auth/ntlmssp: remove useless talloc_steal calls in ntlmssp_server_check_password()

Browse Source 
We only create a temporary auth_usersupplied_info structure and pass it
down as const, lets keep the values on ntlmssp_state otherwise we may derefence
stale pointers.

We finally free the memory at the end of ntlmssp_server_postauth() now.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Stefan Metzmacher 2017-06-16 18:03:11 +02:00
parent ebb63e1cb3
commit c6b37a0e1d
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
auth/ntlmssp/ntlmssp_server.c
View File

@ -732,9 +732,7 @@ static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_sec
user_info->password_state = AUTH_PASSWORD_RESPONSE;
user_info->password.response.lanman = ntlmssp_state->lm_resp;
user_info->password.response.lanman.data = talloc_steal(user_info, ntlmssp_state->lm_resp.data);
user_info->password.response.nt = ntlmssp_state->nt_resp;
user_info->password.response.nt.data = talloc_steal(user_info, ntlmssp_state->nt_resp.data);
if (auth_context->check_ntlm_password) {
uint8_t authoritative = 0;
@ -977,6 +975,11 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
nt_status = ntlmssp_sign_init(ntlmssp_state);
}
data_blob_clear_free(&ntlmssp_state->internal_chal);
data_blob_clear_free(&ntlmssp_state->chal);
data_blob_clear_free(&ntlmssp_state->lm_resp);
data_blob_clear_free(&ntlmssp_state->nt_resp);
ntlmssp_state->expected_state = NTLMSSP_DONE;
return nt_status;