Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
SUSE:SLE-12-SP4:GA
freerdp.34025
freerdp-CVE-2022-24883.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File freerdp-CVE-2022-24883.patch of Package freerdp.34025
From e6d662f00edc1cee6735db6807975991440a79ba Mon Sep 17 00:00:00 2001 From: akallabeth <akallabeth@posteo.net> Date: Fri, 22 Apr 2022 14:42:11 +0200 Subject: [PATCH] Cleaned up ntlm_fetch_ntlm_v2_hash --- winpr/libwinpr/sspi/NTLM/ntlm_compute.c | 63 +++++++++++-------------- 1 file changed, 27 insertions(+), 36 deletions(-) diff --git a/winpr/libwinpr/sspi/NTLM/ntlm_compute.c b/winpr/libwinpr/sspi/NTLM/ntlm_compute.c index dbd7f7fb0..caaf3fbb9 100644 --- a/winpr/libwinpr/sspi/NTLM/ntlm_compute.c +++ b/winpr/libwinpr/sspi/NTLM/ntlm_compute.c @@ -206,59 +206,50 @@ void ntlm_generate_timestamp(NTLM_CONTEXT* context) ntlm_current_time(context->Timestamp); } -static int ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash) +static BOOL ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash) { - WINPR_SAM* sam; - WINPR_SAM_ENTRY* entry; - SSPI_CREDENTIALS* credentials = context->credentials; + BOOL rc = FALSE; + WINPR_SAM* sam = NULL; + WINPR_SAM_ENTRY* entry = NULL; + SSPI_CREDENTIALS* credentials; + + credentials = context->credentials; sam = SamOpen(context->SamFile, TRUE); if (!sam) - return -1; + goto fail; entry = SamLookupUserW( - sam, (LPWSTR)credentials->identity.User, credentials->identity.UserLength * 2, - (LPWSTR)credentials->identity.Domain, credentials->identity.DomainLength * 2); + sam, (LPWSTR)credentials->identity.User, credentials->identity.UserLength * sizeof(WCHAR), + (LPWSTR)credentials->identity.Domain, credentials->identity.DomainLength * sizeof(WCHAR)); - if (entry) + if (!entry) { -#ifdef WITH_DEBUG_NTLM - WLog_DBG(TAG, "NTLM Hash:"); - winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16); -#endif - NTOWFv2FromHashW(entry->NtHash, (LPWSTR)credentials->identity.User, - credentials->identity.UserLength * 2, (LPWSTR)credentials->identity.Domain, - credentials->identity.DomainLength * 2, (BYTE*)hash); - SamFreeEntry(sam, entry); - SamClose(sam); - return 1; + entry = SamLookupUserW(sam, (LPWSTR)credentials->identity.User, + credentials->identity.UserLength * sizeof(WCHAR), NULL, 0); } - entry = SamLookupUserW(sam, (LPWSTR)credentials->identity.User, - credentials->identity.UserLength * 2, NULL, 0); + if (!entry) + goto fail; - if (entry) - { #ifdef WITH_DEBUG_NTLM WLog_DBG(TAG, "NTLM Hash:"); winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16); #endif - NTOWFv2FromHashW(entry->NtHash, (LPWSTR)credentials->identity.User, - credentials->identity.UserLength * 2, (LPWSTR)credentials->identity.Domain, - credentials->identity.DomainLength * 2, (BYTE*)hash); - SamFreeEntry(sam, entry); - SamClose(sam); - return 1; - } - else - { - SamClose(sam); - WLog_ERR(TAG, "Error: Could not find user in SAM database"); - return 0; - } + NTOWFv2FromHashW(entry->NtHash, (LPWSTR)credentials->identity.User, + credentials->identity.UserLength * sizeof(WCHAR), + (LPWSTR)credentials->identity.Domain, + credentials->identity.DomainLength * sizeof(WCHAR), (BYTE*)hash); + + rc = TRUE; +fail: + SamFreeEntry(sam, entry); SamClose(sam); - return 1; + if (!rc) + WLog_ERR(TAG, "Error: Could not find user in SAM database"); + + return rc; } static int ntlm_convert_password_hash(NTLM_CONTEXT* context, BYTE* hash) -- 2.26.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
