libcli/auth: Don't pass back lm_sess_key as the same pointer as user_sess_key
authorAndrew Bartlett <abartlet@samba.org>
Mon, 20 Apr 2009 08:54:57 +0000 (10:54 +0200)
committerAndrew Bartlett <abartlet@samba.org>
Mon, 20 Apr 2009 08:54:57 +0000 (10:54 +0200)
This ensures that a talloc_free() of both pointers won't double-free
(sharing pointers like this is evil anyway).

Andrew Bartlett

libcli/auth/ntlm_check.c

index 5ad03cf..2cfe8e1 100644 (file)
@@ -356,9 +356,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
                                         client_domain,
                                         false,
                                         user_sess_key)) {
-                       *lm_sess_key = *user_sess_key;
                        if (user_sess_key->length) {
-                               lm_sess_key->length = 8;
+                               *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
                        }
                        return NT_STATUS_OK;
                }
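Review bot: The result of `data_blob_talloc()` on the added line is never checked, so if the allocation fails `lm_sess_key->data` is NULL and the function still returns `NT_STATUS_OK`. A caller would then proceed with a missing LM session key. Consider adding `if (lm_sess_key->data == NULL) return NT_STATUS_NO_MEMORY;` right after the assignment. The same pattern recurs in the hunks at -371, -386, -497, -528 and -559. Separately, with the unconditional `*lm_sess_key = *user_sess_key;` removed, `*lm_sess_key` is no longer written when `user_sess_key->length` is 0; whether it is initialised earlier in `ntlm_password_check` is outside this hunk, so confirm that, or add `else { *lm_sess_key = data_blob(NULL, 0); }`.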
@@ -371,9 +370,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
                                         client_domain,
                                         true,
                                         user_sess_key)) {
-                       *lm_sess_key = *user_sess_key;
                        if (user_sess_key->length) {
-                               lm_sess_key->length = 8;
+                               *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
                        }
                        return NT_STATUS_OK;
                }
@@ -386,9 +384,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
                                         "",
                                         false,
                                         user_sess_key)) {
-                       *lm_sess_key = *user_sess_key;
                        if (user_sess_key->length) {
-                               lm_sess_key->length = 8;
+                               *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
                        }
                        return NT_STATUS_OK;
                } else {
@@ -408,7 +405,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
                                   so use it only if we otherwise allow LM authentication */
                                
                                if (lanman_auth && stored_lanman) {
-                                       *lm_sess_key = data_blob_talloc(mem_ctx, stored_lanman->hash, 8);
+                                       *lm_sess_key = data_blob_talloc(mem_ctx, stored_lanman->hash, MIN(8, user_sess_key->length));
                                }
                                return NT_STATUS_OK;
                        } else {
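Review bot: The copy length for `stored_lanman->hash` is now `MIN(8, user_sess_key->length)`, which bounds it by the length of an unrelated blob. If `user_sess_key->length` is below 8 here (for example 0), the LM session key is silently shortened or empty while the function still returns `NT_STATUS_OK`. This branch never aliased `user_sess_key`, so the double-free concern from the commit message does not apply and the previous `data_blob_talloc(mem_ctx, stored_lanman->hash, 8)` looks like the right form to keep. The change also adds a dereference of `user_sess_key` that this branch did not have before; the surrounding function body lies outside the hunk, so confirm it cannot be NULL at this point.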
@@ -497,9 +494,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
                        /* Otherwise, use the LMv2 session key */
                        *user_sess_key = tmp_sess_key;
                }
-               *lm_sess_key = *user_sess_key;
                if (user_sess_key->length) {
-                       lm_sess_key->length = 8;
+                       *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
                }
                return NT_STATUS_OK;
        }
@@ -528,9 +524,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
                        /* Otherwise, use the LMv2 session key */
                        *user_sess_key = tmp_sess_key;
                }
-               *lm_sess_key = *user_sess_key;
                if (user_sess_key->length) {
-                       lm_sess_key->length = 8;
+                       *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
                }
                return NT_STATUS_OK;
        }
@@ -559,9 +554,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
                        /* Otherwise, use the LMv2 session key */
                        *user_sess_key = tmp_sess_key;
                }
-               *lm_sess_key = *user_sess_key;
                if (user_sess_key->length) {
-                       lm_sess_key->length = 8;
+                       *lm_sess_key = data_blob_talloc(mem_ctx, user_sess_key->data, MIN(8, user_sess_key->length));
                }
                return NT_STATUS_OK;
        }