secrets: Protect against a non-0-terminated ldap password

author Volker Lendecke <vl@samba.org>

Fri, 21 Apr 2017 11:05:12 +0000 (13:05 +0200)

committer Jeremy Allison <jra@samba.org>

Sat, 22 Apr 2017 03:20:20 +0000 (05:20 +0200)
author Volker Lendecke <vl@samba.org>
Fri, 21 Apr 2017 11:05:12 +0000 (13:05 +0200)
committer Jeremy Allison <jra@samba.org>
Sat, 22 Apr 2017 03:20:20 +0000 (05:20 +0200)
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c

index 4372c635f1cf943aa85da91c6602b4212e9a0c69..0ddee99a71fb2402bb978badfcf6a48c1fcd965c 100644 (file)
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -316,6 +316,13 @@ bool fetch_ldap_pw(char **dn, char** pw)
         *pw=(char *)secrets_fetch(key, &size);
         SAFE_FREE(key);
  
+       if ((size != 0) && ((*pw)[size-1] != '\0')) {
+               DBG_ERR("Non 0-terminated password for dn %s\n", *dn);
+               SAFE_FREE(*pw);
+               SAFE_FREE(*dn);
+               return false;
+       }
+
         if (!size) {
                 /* Upgrade 2.2 style entry */
                 char *p;
author	Volker Lendecke <vl@samba.org>
	Fri, 21 Apr 2017 11:05:12 +0000 (13:05 +0200)
committer	Jeremy Allison <jra@samba.org>
	Sat, 22 Apr 2017 03:20:20 +0000 (05:20 +0200)