From: Joshua Rogers Date: Mon, 8 Sep 2025 16:25:18 +0000 (+0000) Subject: ntlm_sspi_auth: memcmp not memcpy, send newline, no uninit mem (#2218) X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=70146650fd9574e69d26c1054fef8b9f3b641761;p=thirdparty%2Fsquid.git ntlm_sspi_auth: memcmp not memcpy, send newline, no uninit mem (#2218) Previously, memcpy was incorrectly used instead of memcmp. In addition to this, uninitalized memory could be used, and responses to Squid were missing a newline. --- diff --git a/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc b/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc index ec42ca7677..f94b8f4d46 100644 --- a/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc +++ b/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc @@ -175,10 +175,10 @@ ntlm_check_auth(ntlm_authenticate * auth, char *user, char *domain, int auth_len { char credentials[DNLEN+UNLEN+2]; /* we can afford to waste */ + user[0] = '\0'; + domain[0] = '\0'; if (!NTLM_LocalCall) { - user[0] = '\0'; - domain[0] = '\0'; const auto x = ntlm_unpack_auth(auth, user, domain, auth_length); if (x != NtlmError::None) @@ -327,7 +327,7 @@ manage_request() /* NP: for some reason this helper sometimes needs to accept * from clients that send no negotiate packet. */ - if (memcpy(local_nego.hdr.signature, "NTLMSSP", 8) != 0) { + if (memcmp(local_nego.hdr.signature, "NTLMSSP", 8) != 0) { memset(&local_nego, 0, sizeof(ntlm_negotiate)); /* reset */ memcpy(local_nego.hdr.signature, "NTLMSSP", 8); /* set the signature */ local_nego.hdr.type = le32toh(NTLM_NEGOTIATE); /* this is a challenge */ @@ -498,7 +498,7 @@ manage_request() /* let's lowercase them for our convenience */ lc(domain); lc(user); - fprintf(stdout, "OK user=\"%s\\%s\"", domain, user); + fprintf(stdout, "OK user=\"%s\\%s\"\n", domain, user); return 1; } default: