convert_string_talloc_handle() tries to play an the safe side
and always returns a null terminated array.
But for NDR we need to be correct on the wire...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
s_len++;
}
- if (!do_convert) {
+ if (s_len == 0) {
+ d_len = 0;
+ dest = (uint8_t *)talloc_strdup(ndr, "");
+ } else if (!do_convert) {
d_len = s_len;
dest = (uint8_t *)talloc_strndup(ndr, s, s_len);
} else if (!convert_string_talloc(ndr, CH_UNIX, chset, s, s_len,
--- /dev/null
+^samba.tests.blackbox.ndrdump.samba.tests.blackbox.ndrdump.NdrDumpTests.test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE
+++ /dev/null
-^samba4.local.ndr.ndr_string.ndr_string
-^samba4.local.ndr.system.iconv.ndr_string.ndr_string