From: Pavel Filipenský Date: Mon, 8 Aug 2022 13:23:05 +0000 (+0200) Subject: s3:auth: Zero memory in sam_password_ok() X-Git-Tag: talloc-2.4.0~1313 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ccae2a4ab5478acea7c37134d486c3562ff5c3dc;p=thirdparty%2Fsamba.git s3:auth: Zero memory in sam_password_ok() Signed-off-by: Pavel Filipenský Reviewed-by: Andreas Schneider --- diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c index b9563c958a9..25620aef20a 100644 --- a/source3/auth/check_samsec.c +++ b/source3/auth/check_samsec.c @@ -81,19 +81,20 @@ static NTSTATUS sam_password_ok(TALLOC_CTX *mem_ctx, if (nt_pw) { *user_sess_key = data_blob_talloc(mem_ctx, NULL, 16); if (!user_sess_key->data) { - return NT_STATUS_NO_MEMORY; + status = NT_STATUS_NO_MEMORY; + goto done; } SMBsesskeygen_ntv1(nt_pw, user_sess_key->data); } } - return status; + break; /* Eventually we should test plaintext passwords in their own * function, not assuming the caller has done a * mapping */ case AUTH_PASSWORD_PLAIN: case AUTH_PASSWORD_RESPONSE: - return ntlm_password_check(mem_ctx, lp_lanman_auth(), + status = ntlm_password_check(mem_ctx, lp_lanman_auth(), lp_ntlm_auth(), user_info->logon_parameters, challenge, @@ -104,10 +105,15 @@ static NTSTATUS sam_password_ok(TALLOC_CTX *mem_ctx, lm_hash, nt_hash, user_sess_key, lm_sess_key); + break; default: DEBUG(0,("user_info constructed for user '%s' was invalid - password_state=%u invalid.\n", username, user_info->password_state)); - return NT_STATUS_INTERNAL_ERROR; + status = NT_STATUS_INTERNAL_ERROR; } +done: + ZERO_STRUCTP(lm_hash); + ZERO_STRUCTP(nt_hash); + return status; } /****************************************************************************