diff options
author | Stefan Metzmacher <metze@samba.org> | 2021-12-17 23:32:28 +0100 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2022-01-04 20:57:41 +0000 |
commit | dd9886100514941aa16af8566faf41501b601a44 (patch) | |
tree | 14c04d5467755206dd5e3c28d087228c239a45a8 /auth | |
parent | e0b705d26f0b151ba52d1f9f5504f622fadf7d7c (diff) | |
download | samba-dd9886100514941aa16af8566faf41501b601a44.tar.gz |
auth/ntlmssp: make sure we return INVALID_PARAMETER for NTLMv2_RESPONSE parsing errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14932
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 4 20:57:41 UTC 2022 on sn-devel-184
Diffstat (limited to 'auth')
-rw-r--r-- | auth/ntlmssp/ntlmssp_server.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c index 939aa0ef4aa..ce78af1d32d 100644 --- a/auth/ntlmssp/ntlmssp_server.c +++ b/auth/ntlmssp/ntlmssp_server.c @@ -532,6 +532,14 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security, (ndr_pull_flags_fn_t)ndr_pull_NTLMv2_RESPONSE); if (!NDR_ERR_CODE_IS_SUCCESS(err)) { nt_status = ndr_map_error2ntstatus(err); + if (NT_STATUS_EQUAL(nt_status, NT_STATUS_BUFFER_TOO_SMALL)) { + /* + * Note that invalid blobs should result in + * INVALID_PARAMETER, as demonstrated by + * smb2.session.ntlmssp_bug14932 + */ + nt_status = NT_STATUS_INVALID_PARAMETER; + } DEBUG(1,("%s: failed to parse NTLMv2_RESPONSE of length %zu for " "user=[%s] domain=[%s] workstation=[%s] - %s %s\n", __func__, ntlmssp_state->nt_resp.length, |