diff options
| author | Stefan Metzmacher <metze@samba.org> | 2019-06-07 18:58:43 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2019-06-12 12:42:26 +0000 |
| commit | 7b1eab10937c0922fe686319a732991240e5c6a4 (patch) | |
| tree | 3b1a6c6dae3641b7766f4a9fd073dd2ec298f20b /libcli | |
| parent | 2ad02acf386757b50a957e35bb29a7d34c921e53 (diff) | |
| download | samba-7b1eab10937c0922fe686319a732991240e5c6a4.tar.gz | |
libcli/smb: make sure the session->{smb2->,smb2_channel.}signing_key is never NULL!
Before commit 17e22e020fcb84fb9ddda350915369dc9ea28ef1 they we not a
pointer and always be present.
We used the local pointer variable 'signing_key = NULL' and logic like
this:
if (state->smb2.should_sign) {
signing_key = state->session->smb2_channel.signing_key;
}
if (signing_key != NULL ...
In order to keep this we need to nake sure
state->session->smb2_channel.signing_key is never NULL!
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'libcli')
| -rw-r--r-- | libcli/smb/smbXcli_base.c | 44 |
1 files changed, 27 insertions, 17 deletions
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index a82146a60f4..0296d5b8752 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -5526,9 +5526,27 @@ struct smbXcli_session *smbXcli_session_create(TALLOC_CTX *mem_ctx, } talloc_set_destructor(session, smbXcli_session_destructor); + session->smb2->signing_key = talloc_zero(session, + struct smb2_signing_key); + if (session->smb2->signing_key == NULL) { + talloc_free(session); + return NULL; + } + talloc_set_destructor(session->smb2->signing_key, + smb2_signing_key_destructor); + DLIST_ADD_END(conn->sessions, session); session->conn = conn; + session->smb2_channel.signing_key = + talloc_zero(session, struct smb2_signing_key); + if (session->smb2_channel.signing_key == NULL) { + talloc_free(session); + return NULL; + } + talloc_set_destructor(session->smb2_channel.signing_key, + smb2_signing_key_destructor); + memcpy(session->smb2_channel.preauth_sha512, conn->smb2.preauth_sha512, sizeof(session->smb2_channel.preauth_sha512)); @@ -6038,15 +6056,6 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session, memcpy(session_key, _session_key.data, MIN(_session_key.length, sizeof(session_key))); - session->smb2->signing_key = talloc_zero(session, - struct smb2_signing_key); - if (session->smb2->signing_key == NULL) { - ZERO_STRUCT(session_key); - return NT_STATUS_NO_MEMORY; - } - talloc_set_destructor(session->smb2->signing_key, - smb2_signing_key_destructor); - session->smb2->signing_key->blob = data_blob_talloc(session->smb2->signing_key, session_key, @@ -6117,14 +6126,6 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session, } ZERO_STRUCT(session_key); - session->smb2_channel.signing_key = - talloc_zero(session, struct smb2_signing_key); - if (session->smb2_channel.signing_key == NULL) { - return NT_STATUS_NO_MEMORY; - } - talloc_set_destructor(session->smb2_channel.signing_key, - smb2_signing_key_destructor); - session->smb2_channel.signing_key->blob = data_blob_dup_talloc(session->smb2_channel.signing_key, session->smb2->signing_key->blob); @@ -6243,6 +6244,15 @@ NTSTATUS smb2cli_session_create_channel(TALLOC_CTX *mem_ctx, DLIST_ADD_END(conn->sessions, session2); session2->conn = conn; + session2->smb2_channel.signing_key = + talloc_zero(session2, struct smb2_signing_key); + if (session2->smb2_channel.signing_key == NULL) { + talloc_free(session2); + return NT_STATUS_NO_MEMORY; + } + talloc_set_destructor(session2->smb2_channel.signing_key, + smb2_signing_key_destructor); + memcpy(session2->smb2_channel.preauth_sha512, conn->smb2.preauth_sha512, sizeof(session2->smb2_channel.preauth_sha512)); |