diff options
author | Günther Deschner <gd@samba.org> | 2010-05-28 14:11:53 +0200 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2010-06-18 08:33:28 +0200 |
commit | c31ac2ebd5ce850f87f4e29dab8e009def1b4e87 (patch) | |
tree | 951629989295f74bb711fe14e30763cc017d911f | |
parent | 920e5757f764f25290241b54769a334ca4dd7d5b (diff) | |
download | samba-c31ac2ebd5ce850f87f4e29dab8e009def1b4e87.tar.gz |
s3-samr: Fix crash bug in _samr_QueryUserInfo{2} level 18.
Guenther
Fix bug #7479 (Crash bug in _samr_QueryUserInfo{2} level 18.)
(cherry picked from commit 386a4621b8c9e8f7956320a44679789b731d7b10)
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index d50c6c3e0e6..e98e4aa595a 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2735,6 +2735,8 @@ static NTSTATUS get_user_info_18(pipes_struct *p, { struct samu *smbpass=NULL; bool ret; + const uint8_t *nt_pass = NULL; + const uint8_t *lm_pass = NULL; ZERO_STRUCTP(r); @@ -2769,10 +2771,17 @@ static NTSTATUS get_user_info_18(pipes_struct *p, return NT_STATUS_ACCOUNT_DISABLED; } - r->lm_pwd_active = true; - r->nt_pwd_active = true; - memcpy(r->lm_pwd.hash, pdb_get_lanman_passwd(smbpass), 16); - memcpy(r->nt_pwd.hash, pdb_get_nt_passwd(smbpass), 16); + lm_pass = pdb_get_lanman_passwd(smbpass); + if (lm_pass != NULL) { + memcpy(r->lm_pwd.hash, lm_pass, 16); + r->lm_pwd_active = true; + } + + nt_pass = pdb_get_nt_passwd(smbpass); + if (nt_pass != NULL) { + memcpy(r->nt_pwd.hash, nt_pass, 16); + r->nt_pwd_active = true; + } r->password_expired = 0; /* FIXME */ TALLOC_FREE(smbpass); |