test for overflow in nmb name parsing code

author Andrew Tridgell <tridge@samba.org>

Wed, 13 May 1998 05:03:17 +0000 (05:03 +0000)

committer Andrew Tridgell <tridge@samba.org>

Wed, 13 May 1998 05:03:17 +0000 (05:03 +0000)
author Andrew Tridgell <tridge@samba.org>
Wed, 13 May 1998 05:03:17 +0000 (05:03 +0000)
committer Andrew Tridgell <tridge@samba.org>
Wed, 13 May 1998 05:03:17 +0000 (05:03 +0000)
diff --git a/source3/libsmb/nmblib.c b/source3/libsmb/nmblib.c

index 6c178758c68527a1c9208d95afa89d9e9a203708..f59371d5593a7a6df87e3ee2fb8d80bf0d9e0ecf 100644 (file)
--- a/source3/libsmb/nmblib.c
+++ b/source3/libsmb/nmblib.c
@@ -197,7 +197,7 @@ static int parse_nmb_name(char *inbuf,int offset,int length, struct nmb_name *na
      unsigned char c1,c2;
      c1 = ubuf[offset++]-'A';
      c2 = ubuf[offset++]-'A';
-    if ((c1 & 0xF0) || (c2 & 0xF0)) return(0);
+    if ((c1 & 0xF0) || (c2 & 0xF0) || (n > sizeof(name->name)-1)) return(0);
      name->name[n++] = (c1<<4) | c2;
      m -= 2;
    }
author	Andrew Tridgell <tridge@samba.org>
	Wed, 13 May 1998 05:03:17 +0000 (05:03 +0000)
committer	Andrew Tridgell <tridge@samba.org>
	Wed, 13 May 1998 05:03:17 +0000 (05:03 +0000)