From cd774bafc11b2dbb981710697e716d0ae896496d Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Wed, 30 Dec 2009 15:37:23 +0100
Subject: s3:auth:sam_password_ok: fix allocation of a data blob.

data_blob(mem_ctx, 16) does not use mem_ctx as a talloc ctx but
copies 16 bytes from mem_ctx into the newly allocated data blob.
This can not have been intentional. A blank uint8_t array of
length 16 is allocated by passing NULL instead of mem_ctx.
And using data_blob_talloc(mem_ctx, NULL, 16) adds the allocated
blank 16 byte array to mem_ctx - so this is what must have been
intended.

Michael
(cherry picked from commit c3bd0b5951f09f102abaa19fb2e1f55711b975d2)
---
 source3/auth/auth_sam.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index 381ad5b83ca..42ede641412 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -82,7 +82,7 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 	}
 
 	if (client_lm_hash || client_nt_hash) {
-		*user_sess_key = data_blob(mem_ctx, 16);
+		*user_sess_key = data_blob_talloc(mem_ctx, NULL, 16);
 		if (!user_sess_key->data) {
 			return NT_STATUS_NO_MEMORY;
 		}
-- 
cgit