diff options
| author | Andreas Schneider <asn@samba.org> | 2016-04-01 10:16:25 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2016-04-19 09:37:14 +0200 |
| commit | 03e8152e39f2e0f931e9fd73f9e6a83d3a92fc1e (patch) | |
| tree | 8969ccda62b08e4992b9e6086921fb26751c43bd /source4/libcli | |
| parent | 5035f1afa9b9f34e68b6743f3f4a66b9377dedab (diff) | |
| download | samba-03e8152e39f2e0f931e9fd73f9e6a83d3a92fc1e.tar.gz | |
s4:libcli:smb2: Use constant time memcmp() to verify the signature
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source4/libcli')
| -rw-r--r-- | source4/libcli/smb2/signing.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source4/libcli/smb2/signing.c b/source4/libcli/smb2/signing.c index 6af7a6d4a11..8f8074b170d 100644 --- a/source4/libcli/smb2/signing.c +++ b/source4/libcli/smb2/signing.c @@ -111,7 +111,7 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session memcpy(buf->hdr+SMB2_HDR_SIGNATURE, sig, 16); - if (memcmp(res, sig, 16) != 0) { + if (memcmp_const_time(res, sig, 16) != 0) { DEBUG(0,("Bad SMB2 signature for message of size %u\n", (unsigned)buf->size-NBT_HDR_SIZE)); dump_data(0, sig, 16); |