diff options
author | Jeremy Allison <jra@samba.org> | 2018-06-15 15:08:17 -0700 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2018-08-14 17:42:13 +0200 |
commit | 4a2880b670b261ca9fbc70b4665aa86ee2a2c07a (patch) | |
tree | a6e85d05bc53f610f24547141c55e4d5e3ee8888 /source3/libsmb/libsmb_path.c | |
parent | 61e34a2002e069527011e254434e044d2e12cda4 (diff) | |
download | samba-4a2880b670b261ca9fbc70b4665aa86ee2a2c07a.tar.gz |
libsmb: Harden smbc_readdir_internal() against returns from malicious servers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453
CVE-2018-10858: Insufficient input validation on client directory
listing in libsmbclient.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Diffstat (limited to 'source3/libsmb/libsmb_path.c')
-rw-r--r-- | source3/libsmb/libsmb_path.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/libsmb/libsmb_path.c b/source3/libsmb/libsmb_path.c index ed70ab37550..5b53b386a67 100644 --- a/source3/libsmb/libsmb_path.c +++ b/source3/libsmb/libsmb_path.c @@ -173,7 +173,7 @@ smbc_urlencode(char *dest, } } - if (max_dest_len == 0) { + if (max_dest_len <= 0) { /* Ensure we return -1 if no null termination. */ return -1; } |