libcli/auth: check E_md4hash() result in netlogon_creds_cli_ServerPasswordSet_send()

We need to make sure we can convert the given string to an nthash.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 8a209e5a0ca810d8cf0e5ebc1902fae8c5cb241e)

diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index 38b1351f59178e7165f8a09613cea73d1f826da2..d2ffe694d1c0ffd9bf076b5ad7b163ee7dffd0b5 100644 (file)
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -1747,7 +1747,11 @@ struct tevent_req *netlogon_creds_cli_ServerPasswordSet_send(TALLOC_CTX *mem_ctx
        /*
         * netr_ServerPasswordSet
         */
-       E_md4hash(new_password, state->samr_password.hash);
+       ok = E_md4hash(new_password, state->samr_password.hash);
+       if (!ok) {
+               tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER_MIX);
+               return tevent_req_post(req, ev);
+       }
 
        /*
         * netr_ServerPasswordSet2