From 11132035aff317b9150c30f108a4352bd47cb28a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 13 Nov 2020 14:18:43 -0800 Subject: [PATCH] libcli: smb2: Protect debug statements against NULL being passed to smb2_signing_key_valid() for crypto blob. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14210 Signed-off-by: Jeremy Allison --- libcli/smb/smb2_signing.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c index 7669b219bbe..9e1bdc767dd 100644 --- a/libcli/smb/smb2_signing.c +++ b/libcli/smb/smb2_signing.c @@ -92,6 +92,10 @@ NTSTATUS smb2_signing_sign_pdu(struct smb2_signing_key *signing_key, } if (!smb2_signing_key_valid(signing_key)) { + if (signing_key == NULL) { + DBG_WARNING("No signing key for SMB2 signing\n"); + return NT_STATUS_ACCESS_DENIED; + } DBG_WARNING("Wrong session key length %zu for SMB2 signing\n", signing_key->blob.length); return NT_STATUS_ACCESS_DENIED; @@ -416,6 +420,10 @@ NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key, tf = (uint8_t *)vector[0].iov_base; if (!smb2_signing_key_valid(encryption_key)) { + if (encryption_key == NULL) { + DBG_WARNING("No encryption key for SMB2 signing\n"); + return NT_STATUS_ACCESS_DENIED; + } DBG_WARNING("Wrong encryption key length %zu for SMB2 signing\n", encryption_key->blob.length); return NT_STATUS_ACCESS_DENIED; @@ -625,6 +633,10 @@ NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key, tf = (uint8_t *)vector[0].iov_base; if (!smb2_signing_key_valid(decryption_key)) { + if (decryption_key == NULL) { + DBG_WARNING("No decryption key for SMB2 signing\n"); + return NT_STATUS_ACCESS_DENIED; + } DBG_WARNING("Wrong decryption key length %zu for SMB2 signing\n", decryption_key->blob.length); return NT_STATUS_ACCESS_DENIED; -- 2.27.0