diff options
author | Volker Lendecke <vl@samba.org> | 2017-04-21 13:05:12 +0200 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2017-04-22 05:20:20 +0200 |
commit | 4ceba0e18f7ba8f2b32ba24864095683f2168db0 (patch) | |
tree | 09aca1b28e1caea502a187fd41bc353d13077ed4 /source3/passdb/secrets.c | |
parent | 36612723b2b18675116b6197183bdfe5e1d9e06f (diff) | |
download | samba-4ceba0e18f7ba8f2b32ba24864095683f2168db0.tar.gz |
secrets: Protect against a non-0-terminated ldap password
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Diffstat (limited to 'source3/passdb/secrets.c')
-rw-r--r-- | source3/passdb/secrets.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index 4372c635f1c..0ddee99a71f 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -316,6 +316,13 @@ bool fetch_ldap_pw(char **dn, char** pw) *pw=(char *)secrets_fetch(key, &size); SAFE_FREE(key); + if ((size != 0) && ((*pw)[size-1] != '\0')) { + DBG_ERR("Non 0-terminated password for dn %s\n", *dn); + SAFE_FREE(*pw); + SAFE_FREE(*dn); + return false; + } + if (!size) { /* Upgrade 2.2 style entry */ char *p; |