sess_crypt_blob can only crypt blobs whose size divides by 8

Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
author: Isaac Boukris <iboukris@gmail.com> 2019-11-21 15:13:19 +0100
committer: Andrew Bartlett <abartlet@samba.org> 2019-12-10 00:30:31 +0000
commit: b5d8f1f78a04719c6a5d15aa92ae398be326fe56 (patch)
tree: cd60b775a989ff41397c1de0c6bb9a6cf02519e5 /libcli/auth
parent: a75ca8d5d515aef1229acf5a30489ee5f5ced3e1 (diff)
download: samba-b5d8f1f78a04719c6a5d15aa92ae398be326fe56.tar.gz
1 files changed, 6 insertions, 3 deletions
diff --git a/libcli/auth/session.c b/libcli/auth/session.c
index 4af70d361af..43ce9d54fdc 100644
--- a/libcli/auth/session.c
+++ b/libcli/auth/session.c
@@ -34,13 +34,16 @@ int sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *sessio
 {
 	int i, k, rc;
 
+	if (in->length % 8 != 0) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
 	for (i=0,k=0;
 	     i<in->length;
 	     i += 8, k += 7) {
 		uint8_t bin[8], bout[8], key[7];
 
-		memset(bin, 0, 8);
-		memcpy(bin,  &in->data[i], MIN(8, in->length-i));
+		memcpy(bin,  &in->data[i], 8);
 
 		if (k + 7 > session_key->length) {
 			k = (session_key->length - k);
@@ -52,7 +55,7 @@ int sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *sessio
 			return rc;
 		}
 
-		memcpy(&out->data[i], bout, MIN(8, in->length-i));
+		memcpy(&out->data[i], bout, 8);
 	}
 	return 0;
 }
author	Isaac Boukris <iboukris@gmail.com>	2019-11-21 15:13:19 +0100
committer	Andrew Bartlett <abartlet@samba.org>	2019-12-10 00:30:31 +0000
commit	b5d8f1f78a04719c6a5d15aa92ae398be326fe56 (patch)
tree	cd60b775a989ff41397c1de0c6bb9a6cf02519e5 /libcli/auth
parent	a75ca8d5d515aef1229acf5a30489ee5f5ced3e1 (diff)
download	samba-b5d8f1f78a04719c6a5d15aa92ae398be326fe56.tar.gz