mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add check to protect memcpy(3) from using NULL pointer.

Browse Source 
The ntlm_construct_challenge_target_info function can potentially pass NULL as
argument to the ntlm_av_pair_add function (for example DnsDomainName.Buffer).
This NULL finally lands in the CopyMemory (which is macro to the memcpy(3)
function) which can't handle NULL.
This commit is contained in:
Mariusz Zaborski 2015-05-11 16:21:02 +02:00
parent 692df124c6
commit 80958751e4
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
View File

@ -21,6 +21,8 @@
#include "config.h"
#endif
#include <assert.h>
#include "ntlm.h"
#include "../sspi.h"
@ -143,6 +145,7 @@ NTLM_AV_PAIR* ntlm_av_pair_add(NTLM_AV_PAIR* pAvPairList, NTLM_AV_ID AvId, PBYTE
if (!pAvPair)
return NULL;
assert(Value != NULL);
pAvPair->AvId = AvId;
pAvPair->AvLen = AvLen;
CopyMemory(ntlm_av_pair_get_value_pointer(pAvPair), Value, AvLen);