librpc: Check for NULL pointer in value() in ntlmssp_AUTHENTICATE · samba-team/samba@f7f9280 (original) (raw)

Commit

Permalink

librpc: Check for NULL pointer in value() in ntlmssp_AUTHENTICATE

Browse files

Browse the repository at this point in the history

This allows ndrdump --validate to avoid following a NULL pointer when re-pushing a valid but unusual input.

It also avoids an issue if the Samba server code were to provide a response without an EncryptedRandomSessionKey.

At this stage ntlmssp.idl is not used for this, instead the packets are generated with msrpc_gen().

Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X fuzzer.

Signed-off-by: Andrew Bartlett abartlet@samba.org Reviewed-by: Douglas Bagnall douglas.bagnall@catalyst.net.nz

Autobuild-User(master): Andrew Bartlett abartlet@samba.org Autobuild-Date(master): Wed Nov 20 06:06:29 UTC 2019 on sn-devel-184

• Loading branch information