break;
case 24:
- SamOEMhash(ctr->info.id24->pass, p->session_key, 516);
+ if (p->session_key.length != 16) {
+ /* we may have no session key at all,
+ and we don't know how to do the SamOEMhash
+ for length != 16 */
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+ SamOEMhash(ctr->info.id24->pass, p->session_key.data, 516);
dump_data(100, (char *)ctr->info.id24->pass, 516);
* info level and W2K SP2 drops down to level 23... JRA.
*/
- SamOEMhash(ctr->info.id25->pass, p->session_key, 532);
+ if (p->session_key.length != 16) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+ SamOEMhash(ctr->info.id25->pass, p->session_key.data, 532);
dump_data(100, (char *)ctr->info.id25->pass, 532);
return NT_STATUS_INVALID_INFO_CLASS;
case 23:
- SamOEMhash(ctr->info.id23->pass, p->session_key, 516);
+ if (p->session_key.length != 16) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+ SamOEMhash(ctr->info.id23->pass, p->session_key.data, 516);
dump_data(100, (char *)ctr->info.id23->pass, 516);