Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
/* avoid recursion */
if (flags & LIBNDR_FLAG_NO_NDR_SIZE) return 0;
+ /* Avoid following a NULL pointer */
+ if (p == NULL) {
+ return 0;
+ }
+
ndr = ndr_push_init_ctx(NULL);
if (!ndr) return 0;
ndr->flags |= flags | LIBNDR_FLAG_NO_NDR_SIZE;
+++ /dev/null
-^samba.tests.blackbox.ndrdump.samba.tests.blackbox.ndrdump.NdrDumpTests.test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE