diff options
author | Andreas Schneider <asn@samba.org> | 2016-04-01 10:15:39 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2016-04-19 09:37:14 +0200 |
commit | 5035f1afa9b9f34e68b6743f3f4a66b9377dedab (patch) | |
tree | 6703996c18f88f221655c74236600c39098c3005 /libcli | |
parent | ba6e39076bdc5222f77c4d7615e44db0aac14e91 (diff) | |
download | samba-5035f1afa9b9f34e68b6743f3f4a66b9377dedab.tar.gz |
libcli:smb2: Use constant time memcmp() to verify the signature
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'libcli')
-rw-r--r-- | libcli/smb/smb2_signing.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c index b72355429ef..90d80cc9ba0 100644 --- a/libcli/smb/smb2_signing.c +++ b/libcli/smb/smb2_signing.c @@ -167,7 +167,7 @@ NTSTATUS smb2_signing_check_pdu(DATA_BLOB signing_key, memcpy(res, digest, 16); } - if (memcmp(res, sig, 16) != 0) { + if (memcmp_const_time(res, sig, 16) != 0) { DEBUG(0,("Bad SMB2 signature for message\n")); dump_data(0, sig, 16); dump_data(0, res, 16); |