diff options
author | Stefan Metzmacher <metze@samba.org> | 2022-01-21 20:42:45 +0100 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2022-01-30 11:52:27 +0000 |
commit | 4d3054261df3b8726a4db943b0734071ad151423 (patch) | |
tree | 7ef2f34d0a3cb11713739c5e3c3bd0fd4397de1a | |
parent | 7734584c4fd5bee49ed564771a16d63f2b005937 (diff) | |
download | samba-4d3054261df3b8726a4db943b0734071ad151423.tar.gz |
blackbox.ndrdump: fix test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE test
This actually reveals that ndr_push_string() for TargetName="" was
failing before because it resulted in 1 byte for a subcontext with
TargetLen=0.
This is fixed now and we no longer expect ndrdump to exit with 1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jan 24 16:18:34 UTC 2022 on sn-devel-184
(cherry picked from commit 12464bd4c222d996aac6d6250b7945d63f20f4bc)
Autobuild-User(v4-16-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-16-test): Sun Jan 30 11:52:27 UTC 2022 on sn-devel-184
-rw-r--r-- | python/samba/tests/blackbox/ndrdump.py | 5 | ||||
-rw-r--r-- | selftest/knownfail.d/blackbox.ndrdump | 1 | ||||
-rw-r--r-- | source4/librpc/tests/fuzzed_ntlmssp-CHALLENGE_MESSAGE.txt | 52 |
3 files changed, 51 insertions, 7 deletions
diff --git a/python/samba/tests/blackbox/ndrdump.py b/python/samba/tests/blackbox/ndrdump.py index 15c21bc3cda..11d9441e51a 100644 --- a/python/samba/tests/blackbox/ndrdump.py +++ b/python/samba/tests/blackbox/ndrdump.py @@ -499,10 +499,9 @@ dump OK def test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE(self): expected = open(self.data_path("fuzzed_ntlmssp-CHALLENGE_MESSAGE.txt")).read().encode('utf8') try: - actual = self.check_exit_code( + actual = self.check_output( "ndrdump --debug-stdout ntlmssp CHALLENGE_MESSAGE struct --validate --input " +\ - "'AAAACwIAAAAAJwIAAAAAAAcAAAAAAAAAAIAbhG8uyk9dAL0mQE73MAAAAAAAAAAA' --base64-input", - 1) + "'AAAACwIAAAAAJwIAAAAAAAcAAAAAAAAAAIAbhG8uyk9dAL0mQE73MAAAAAAAAAAA' --base64-input") except BlackboxProcessError as e: self.fail(e) diff --git a/selftest/knownfail.d/blackbox.ndrdump b/selftest/knownfail.d/blackbox.ndrdump deleted file mode 100644 index 8131b070b37..00000000000 --- a/selftest/knownfail.d/blackbox.ndrdump +++ /dev/null @@ -1 +0,0 @@ -^samba.tests.blackbox.ndrdump.samba.tests.blackbox.ndrdump.NdrDumpTests.test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE diff --git a/source4/librpc/tests/fuzzed_ntlmssp-CHALLENGE_MESSAGE.txt b/source4/librpc/tests/fuzzed_ntlmssp-CHALLENGE_MESSAGE.txt index 90879ad923e..450c6532d10 100644 --- a/source4/librpc/tests/fuzzed_ntlmssp-CHALLENGE_MESSAGE.txt +++ b/source4/librpc/tests/fuzzed_ntlmssp-CHALLENGE_MESSAGE.txt @@ -38,6 +38,52 @@ pull returned Success TargetInfoLen : 0x0000 (0) TargetInfoMaxLen : 0x0000 (0) TargetInfo : NULL -ndr_push_subcontext_end: ndr_push_error(Subcontext Error): Bad subcontext (PUSH) content_size 1 is larger than size_is(0) at ../../librpc/ndr/ndr.c:901 -push returned Subcontext Error -validate push FAILED +push returned Success +pull returned Success + CHALLENGE_MESSAGE: struct CHALLENGE_MESSAGE + Signature : 'NTLMSSP' + MessageType : NtLmChallenge (0x2) + TargetNameLen : 0x0000 (0) + TargetNameMaxLen : 0x0000 (0) + TargetName : * + TargetName : '' + NegotiateFlags : 0x00000000 (0) + 0: NTLMSSP_NEGOTIATE_UNICODE + 0: NTLMSSP_NEGOTIATE_OEM + 0: NTLMSSP_REQUEST_TARGET + 0: NTLMSSP_NEGOTIATE_SIGN + 0: NTLMSSP_NEGOTIATE_SEAL + 0: NTLMSSP_NEGOTIATE_DATAGRAM + 0: NTLMSSP_NEGOTIATE_LM_KEY + 0: NTLMSSP_NEGOTIATE_NETWARE + 0: NTLMSSP_NEGOTIATE_NTLM + 0: NTLMSSP_NEGOTIATE_NT_ONLY + 0: NTLMSSP_ANONYMOUS + 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED + 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED + 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL + 0: NTLMSSP_NEGOTIATE_ALWAYS_SIGN + 0: NTLMSSP_TARGET_TYPE_DOMAIN + 0: NTLMSSP_TARGET_TYPE_SERVER + 0: NTLMSSP_TARGET_TYPE_SHARE + 0: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY + 0: NTLMSSP_NEGOTIATE_IDENTIFY + 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY + 0: NTLMSSP_NEGOTIATE_TARGET_INFO + 0: NTLMSSP_NEGOTIATE_VERSION + 0: NTLMSSP_NEGOTIATE_128 + 0: NTLMSSP_NEGOTIATE_KEY_EXCH + 0: NTLMSSP_NEGOTIATE_56 + ServerChallenge : 00801b846f2eca4f + Reserved : 5d00bd26404ef730 + TargetInfoLen : 0x0000 (0) + TargetInfoMaxLen : 0x0000 (0) + TargetInfo : NULL +WARNING! orig and validated differ at byte 0x00 (0) +WARNING! orig byte[0x00] = 0x00 validated byte[0x00] = 0x4E +-[0000] 00 00 00 0B 02 00 00 00 00 27 02 00 00 00 00 00 ........ .'...... ++[0000] 4E 54 4C 4D 53 53 50 00 02 00 00 00 00 00 00 00 NTLMSSP. ........ +-[0010] 07 00 00 00 00 00 00 00 00 80 1B 84 6F 2E CA 4F ........ ....o..O ++[0010] 30 00 00 00 00 00 00 00 00 80 1B 84 6F 2E CA 4F 0....... ....o..O + [0020] 5D 00 BD 26 40 4E F7 30 00 00 00 00 00 00 00 00 ]..&@N.0 ........ +dump OK |