s3-rpc_client: Fixed a segfault in rpccli_samr_chng_pswd_auth_crap().
authorAndreas Schneider <asn@samba.org>
Sun, 18 Jul 2010 13:04:20 +0000 (15:04 +0200)
committerAndreas Schneider <asn@samba.org>
Sun, 18 Jul 2010 13:09:24 +0000 (15:09 +0200)
This fixes the WINBIND-WBCLIENT test. The test set
old_lm_hash_enc_blob.length to 0 and we don't check the length here. So
the memcpy segfaulted.

source3/rpc_client/cli_samr.c

index 8c92ebb059c3a54bb0c923e49e9259740e940cb7..8c1011293afb6b67e963c3b90042318fa2466e1f 100644 (file)
@@ -165,10 +165,29 @@ NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli,
        init_lsa_String(&server, cli->srv_name_slash);
        init_lsa_String(&account, username);
 
-       memcpy(&new_nt_password.data, new_nt_password_blob.data, 516);
-       memcpy(&new_lm_password.data, new_lm_password_blob.data, 516);
-       memcpy(&old_nt_hash_enc.hash, old_nt_hash_enc_blob.data, 16);
-       memcpy(&old_lm_hash_enc.hash, old_lm_hash_enc_blob.data, 16);
+       if (new_nt_password_blob.length > 0) {
+               memcpy(&new_nt_password.data, new_nt_password_blob.data, 516);
+       } else {
+               ZERO_STRUCT(new_nt_password_blob);
+       }
+
+       if (new_lm_password_blob.length > 0) {
+               memcpy(&new_lm_password.data, new_lm_password_blob.data, 516);
+       } else {
+               ZERO_STRUCT(new_lm_password);
+       }
+
+       if (old_nt_hash_enc_blob.length > 0) {
+               memcpy(&old_nt_hash_enc.hash, old_nt_hash_enc_blob.data, 16);
+       } else {
+               ZERO_STRUCT(old_nt_hash_enc);
+       }
+
+       if (old_lm_hash_enc_blob.length > 0) {
+               memcpy(&old_lm_hash_enc.hash, old_lm_hash_enc_blob.data, 16);
+       } else {
+               ZERO_STRUCT(old_lm_hash_enc);
+       }
 
        result = rpccli_samr_ChangePasswordUser2(cli, mem_ctx,
                                                 &server,
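Review bot: The first else branch calls `ZERO_STRUCT(new_nt_password_blob);`, which clears the by-value input blob rather than the destination, unlike the other three branches; it should read `ZERO_STRUCT(new_nt_password);`. Unless `new_nt_password` is initialized at its declaration (outside this hunk), an empty NT blob leaves its 516 bytes as uninitialized stack contents, which are presumably marshalled into the rpccli_samr_ChangePasswordUser2 request that follows. Separately, all four guards test only `length > 0` while the memcpy sizes stay fixed at 516 and 16, so a short but non-empty blob is still read past its end. Comparing against the copy size closes that, e.g. `if (new_nt_password_blob.length >= 516) {` for the two password buffers and `>= 16` for the two hashes. The body of rpccli_samr_chng_pswd_auth_crap() starts and ends outside this hunk, so the declarations and the call arguments could not be checked here.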