git.samba.org
/
ira
/
wip.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
4444612
)
s3: Fix bug #8674.
author
Jeremy Allison
<jra@samba.org>
Tue, 24 Jan 2012 22:41:30 +0000
(14:41 -0800)
committer
Jeremy Allison
<jra@samba.org>
Wed, 25 Jan 2012 00:38:06 +0000
(
01:38
+0100)
Buffer overflow issue with AES encryption in samba traffic analyzer.
source3/modules/vfs_smb_traffic_analyzer.c
patch
|
blob
|
history
diff --git
a/source3/modules/vfs_smb_traffic_analyzer.c
b/source3/modules/vfs_smb_traffic_analyzer.c
index 4d1ffbd06dedd86909dc9d9023b89486b652b2f6..7b9a902e14fd58fdaf57ea470d01d54644f443bd 100644
(file)
--- a/
source3/modules/vfs_smb_traffic_analyzer.c
+++ b/
source3/modules/vfs_smb_traffic_analyzer.c
@@
-187,8
+187,7
@@
static char *smb_traffic_analyzer_encrypt( TALLOC_CTX *ctx,
samba_AES_encrypt((const unsigned char *) str+(16*h), crypted, &key);
for (d = 0; d<16; d++) output[d+(16*h)]=crypted[d];
}
- samba_AES_encrypt( (const unsigned char *) str+(16*h), filler, &key );
- for (d = 0;d < 16; d++) output[d+(16*h)]=*(filler+d);
+ samba_AES_encrypt(filler, (const unsigned char *)(output+(16*h)), &key);
*len = (s1*16)+16;
return output;
}