libntlmauth: Fix string field truncation

Count of field bytes must begin at 0. Otherwise the decoder truncates
1 byte from the string due to lstring initial state values.

Also drop the lstring_zero(s) macro. It is only used in one place and
calling it 'zero' obscures that length is non-zero for invalid state.

diff --git a/lib/ntlmauth/ntlmauth.cc b/lib/ntlmauth/ntlmauth.cc
index 8b9589827c3056bbca8c69e1f4eda6c4a7122372..c1435bc9def9c8ea1a469dcfe98b2508b4ec69af 100644 (file)
--- a/lib/ntlmauth/ntlmauth.cc
+++ b/lib/ntlmauth/ntlmauth.cc
@@ -99,8 +99,6 @@ ntlm_validate_packet(const ntlmhdr * hdr, const int32_t type)
     return NTLM_ERR_NONE;
 }
 
-#define lstring_zero(s) s.str=NULL; s.l=-1;
-
 /**
  * Fetches a string from the authentication packet.
  * The lstring data-part may point to inside the packet itself or a temporary static buffer.
@@ -119,7 +117,8 @@ ntlm_fetch_string(const ntlmhdr *packet, const int32_t packet_size, const strhdr
     lstring rv;
     char *d;
 
-    lstring_zero(rv);
+    rv.str = NULL;
+    rv.l = -1;
 
     l = le16toh(str->len);
     o = le32toh(str->offset);
@@ -130,6 +129,7 @@ ntlm_fetch_string(const ntlmhdr *packet, const int32_t packet_size, const strhdr
         return rv;
     }
     rv.str = (char *)packet + o;
+    rv.l = 0;
     if ((flags & NTLM_NEGOTIATE_ASCII) == 0) {
         /* UNICODE string */
         unsigned short *s = (unsigned short *)rv.str;