diff options
author | Stefan Metzmacher <metze@samba.org> | 2013-12-17 12:42:06 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2016-04-12 19:25:22 +0200 |
commit | 001735a804914de936699e95fce898a593ba24ec (patch) | |
tree | 5b1fdb4acb5d3015c60be2d9c2085d867d308e83 | |
parent | 2063692367429d0767153b6a0d22627cb2c27d5f (diff) | |
download | samba-001735a804914de936699e95fce898a593ba24ec.tar.gz |
CVE-2016-2110: libcli/auth: use enum spnego_negResult instead of uint8_t
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
-rw-r--r-- | libcli/auth/spnego.h | 2 | ||||
-rw-r--r-- | libcli/auth/spnego_parse.c | 5 |
2 files changed, 5 insertions, 2 deletions
diff --git a/libcli/auth/spnego.h b/libcli/auth/spnego.h index 539b90336f0..73196e61387 100644 --- a/libcli/auth/spnego.h +++ b/libcli/auth/spnego.h @@ -58,7 +58,7 @@ struct spnego_negTokenInit { }; struct spnego_negTokenTarg { - uint8_t negResult; + enum spnego_negResult negResult; const char *supportedMech; DATA_BLOB responseToken; DATA_BLOB mechListMIC; diff --git a/libcli/auth/spnego_parse.c b/libcli/auth/spnego_parse.c index a608dce72a3..f538b44552c 100644 --- a/libcli/auth/spnego_parse.c +++ b/libcli/auth/spnego_parse.c @@ -202,7 +202,9 @@ static bool read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx, while (asn1_tag_remaining(asn1) > 0) { uint8_t context; + uint8_t neg_result; char *oid; + if (!asn1_peek_uint8(asn1, &context)) { asn1_set_error(asn1); break; @@ -212,7 +214,8 @@ static bool read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx, case ASN1_CONTEXT(0): if (!asn1_start_tag(asn1, ASN1_CONTEXT(0))) return false; if (!asn1_start_tag(asn1, ASN1_ENUMERATED)) return false; - if (!asn1_read_uint8(asn1, &token->negResult)) return false; + if (!asn1_read_uint8(asn1, &neg_result)) return false; + token->negResult = neg_result; if (!asn1_end_tag(asn1)) return false; if (!asn1_end_tag(asn1)) return false; break; |