From ccae2a4ab5478acea7c37134d486c3562ff5c3dc Mon Sep 17 00:00:00 2001 From: =?utf8?q?Pavel=20Filipensk=C3=BD?= Date: Mon, 8 Aug 2022 15:23:05 +0200 Subject: [PATCH] s3:auth: Zero memory in sam_password_ok() MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Pavel Filipenský Reviewed-by: Andreas Schneider --- source3/auth/check_samsec.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c index b9563c958a9..25620aef20a 100644 --- a/source3/auth/check_samsec.c +++ b/source3/auth/check_samsec.c @@ -81,19 +81,20 @@ static NTSTATUS sam_password_ok(TALLOC_CTX *mem_ctx, if (nt_pw) { *user_sess_key = data_blob_talloc(mem_ctx, NULL, 16); if (!user_sess_key->data) { - return NT_STATUS_NO_MEMORY; + status = NT_STATUS_NO_MEMORY; + goto done; } SMBsesskeygen_ntv1(nt_pw, user_sess_key->data); } } - return status; + break; /* Eventually we should test plaintext passwords in their own * function, not assuming the caller has done a * mapping */ case AUTH_PASSWORD_PLAIN: case AUTH_PASSWORD_RESPONSE: - return ntlm_password_check(mem_ctx, lp_lanman_auth(), + status = ntlm_password_check(mem_ctx, lp_lanman_auth(), lp_ntlm_auth(), user_info->logon_parameters, challenge, @@ -104,10 +105,15 @@ static NTSTATUS sam_password_ok(TALLOC_CTX *mem_ctx, lm_hash, nt_hash, user_sess_key, lm_sess_key); + break; default: DEBUG(0,("user_info constructed for user '%s' was invalid - password_state=%u invalid.\n", username, user_info->password_state)); - return NT_STATUS_INTERNAL_ERROR; + status = NT_STATUS_INTERNAL_ERROR; } +done: + ZERO_STRUCTP(lm_hash); + ZERO_STRUCTP(nt_hash); + return status; } /**************************************************************************** -- 2.47.3