secrets: Protect against a non-0-terminated ldap password
authorVolker Lendecke <vl@samba.org>
Fri, 21 Apr 2017 11:05:12 +0000 (13:05 +0200)
committerJeremy Allison <jra@samba.org>
Sat, 22 Apr 2017 03:20:20 +0000 (05:20 +0200)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
source3/passdb/secrets.c

index 4372c63..0ddee99 100644 (file)
@@ -316,6 +316,13 @@ bool fetch_ldap_pw(char **dn, char** pw)
        *pw=(char *)secrets_fetch(key, &size);
        SAFE_FREE(key);
 
+       if ((size != 0) && ((*pw)[size-1] != '\0')) {
+               DBG_ERR("Non 0-terminated password for dn %s\n", *dn);
+               SAFE_FREE(*pw);
+               SAFE_FREE(*dn);
+               return false;
+       }
+
        if (!size) {
                /* Upgrade 2.2 style entry */
                char *p;