From 626b0f4891b48f53d35f92e4050bada2cdb54ee2 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Mon, 25 Jul 2022 10:14:12 +0200 Subject: libcli:auth: Use extract_pw_from_buffer() in decode_pw_buffer() Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher --- libcli/auth/smbencrypt.c | 36 ++++++++++++++++-------------------- 1 file changed, 16 insertions(+), 20 deletions(-) (limited to 'libcli') diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c index d4c97195996..8384581c2bd 100644 --- a/libcli/auth/smbencrypt.c +++ b/libcli/auth/smbencrypt.c @@ -943,11 +943,18 @@ bool decode_pw_buffer(TALLOC_CTX *ctx, size_t *new_pw_len, charset_t string_charset) { + DATA_BLOB new_password; int byte_len=0; + bool ok; *pp_new_pwrd = NULL; *new_pw_len = 0; + ok = extract_pw_from_buffer(ctx, in_buffer, &new_password); + if (!ok) { + return false; + } + /* Warning !!! : This function is called from some rpc call. The password IN the buffer may be a UNICODE string. @@ -955,28 +962,17 @@ bool decode_pw_buffer(TALLOC_CTX *ctx, If you reuse that code somewhere else check first. */ - /* The length of the new password is in the last 4 bytes of the data buffer. */ - - byte_len = IVAL(in_buffer, 512); - -#ifdef DEBUG_PASSWORD - dump_data(100, in_buffer, 516); -#endif - - /* Password cannot be longer than the size of the password buffer */ - if ( (byte_len < 0) || (byte_len > 512)) { - DEBUG(0, ("decode_pw_buffer: incorrect password length (%d).\n", byte_len)); - DEBUG(0, ("decode_pw_buffer: check that 'encrypt passwords = yes'\n")); - return false; - } - /* decode into the return buffer. */ - if (!convert_string_talloc(ctx, string_charset, CH_UNIX, - &in_buffer[512 - byte_len], - byte_len, + ok = convert_string_talloc(ctx, + string_charset, + CH_UNIX, + new_password.data, + new_password.length, (void *)pp_new_pwrd, - new_pw_len)) { - DEBUG(0, ("decode_pw_buffer: failed to convert incoming password\n")); + new_pw_len); + data_blob_free(&new_password); + if (!ok) { + DBG_ERR("Failed to convert incoming password\n"); return false; } -- cgit v1.2.1