Please sign in to comment.
librpc: Check for NULL pointer in value() in ntlmssp_AUTHENTICATE
This allows ndrdump --validate to avoid following a NULL pointer when re-pushing a valid but unusual input. It also avoids an issue if the Samba server code were to provide a response without an EncryptedRandomSessionKey. At this stage ntlmssp.idl is not used for this, instead the packets are generated with msrpc_gen(). Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X fuzzer. Signed-off-by: Andrew Bartlett <firstname.lastname@example.org> Reviewed-by: Douglas Bagnall <email@example.com> Autobuild-User(master): Andrew Bartlett <firstname.lastname@example.org> Autobuild-Date(master): Wed Nov 20 06:06:29 UTC 2019 on sn-devel-184
- Loading branch information
Showing with 1 addition and 2 deletions.
Oops, something went wrong.