Merge pull request #10793 from akallabeth/ntlm-fixes

[winpr,sspi] fix NULL NTLM password handling
This commit is contained in:
Martin Fleisz 2024-10-28 09:44:20 +01:00 committed by GitHub
commit fa71cb18f0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 18 additions and 6 deletions

View File

@ -336,11 +336,14 @@ static BOOL copy(WCHAR** dst, ULONG* dstLen, const WCHAR* what, size_t len)
/* Case what="" and len=0 should allocate an empty string */ /* Case what="" and len=0 should allocate an empty string */
if (!what && (len != 0)) if (!what && (len != 0))
return FALSE; return FALSE;
if (!what && (len == 0))
return TRUE;
*dst = calloc(sizeof(WCHAR), len + 1); *dst = calloc(sizeof(WCHAR), len + 1);
if (!*dst) if (!*dst)
return FALSE; return FALSE;
if (what)
memcpy(*dst, what, len * sizeof(WCHAR)); memcpy(*dst, what, len * sizeof(WCHAR));
*dstLen = len; *dstLen = len;
return TRUE; return TRUE;
} }
@ -380,9 +383,18 @@ int sspi_SetAuthIdentityA(SEC_WINNT_AUTH_IDENTITY* identity, const char* user, c
size_t unicodeUserLenW = 0; size_t unicodeUserLenW = 0;
size_t unicodeDomainLenW = 0; size_t unicodeDomainLenW = 0;
size_t unicodePasswordLenW = 0; size_t unicodePasswordLenW = 0;
LPWSTR unicodeUser = ConvertUtf8ToWCharAlloc(user, &unicodeUserLenW); LPWSTR unicodeUser = NULL;
LPWSTR unicodeDomain = ConvertUtf8ToWCharAlloc(domain, &unicodeDomainLenW); LPWSTR unicodeDomain = NULL;
LPWSTR unicodePassword = ConvertUtf8ToWCharAlloc(password, &unicodePasswordLenW); LPWSTR unicodePassword = NULL;
if (user)
unicodeUser = ConvertUtf8ToWCharAlloc(user, &unicodeUserLenW);
if (domain)
unicodeDomain = ConvertUtf8ToWCharAlloc(domain, &unicodeDomainLenW);
if (password)
unicodePassword = ConvertUtf8ToWCharAlloc(password, &unicodePasswordLenW);
rc = sspi_SetAuthIdentityWithLengthW(identity, unicodeUser, unicodeUserLenW, unicodeDomain, rc = sspi_SetAuthIdentityWithLengthW(identity, unicodeUser, unicodeUserLenW, unicodeDomain,
unicodeDomainLenW, unicodePassword, unicodePasswordLenW); unicodeDomainLenW, unicodePassword, unicodePasswordLenW);

View File

@ -780,7 +780,7 @@ int TestNTLM(int argc, char* argv[])
{ TEST_NTLM_USER, TEST_NTLM_DOMAIN, "", TEST_EMPTY_PWD_NTLM_HASH, { TEST_NTLM_USER, TEST_NTLM_DOMAIN, "", TEST_EMPTY_PWD_NTLM_HASH,
TEST_EMPTY_PWD_NTLM_V2_HASH, TRUE, TRUE }, TEST_EMPTY_PWD_NTLM_V2_HASH, TRUE, TRUE },
{ TEST_NTLM_USER, TEST_NTLM_DOMAIN, NULL, TEST_EMPTY_PWD_NTLM_HASH, { TEST_NTLM_USER, TEST_NTLM_DOMAIN, NULL, TEST_EMPTY_PWD_NTLM_HASH,
TEST_EMPTY_PWD_NTLM_V2_HASH, TRUE, TRUE } TEST_EMPTY_PWD_NTLM_V2_HASH, TRUE, FALSE }
}; };
int rc = 0; int rc = 0;