packages/libesmtp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libesmtp/CVE-2019-19977.patch
Vchanger 14d3517f17 libesmtp: fix CVE-2019-19977
2020-04-20 14:39:15 +08:00

70 lines
2.0 KiB
Diff
Raw Blame History

From 9fc96e9f52b6b8ca67463289cde6d50b3d5911f9 Mon Sep 17 00:00:00 2001
From: liaichun <liaichun@huawei.com>
Date: Mon, 20 Apr 2020 14:35:35 +0800
Subject: [PATCH] remove ntlm_build_type_2 to fix CVE-2019-19977
---
ntlm/ntlm.h | 2 --
ntlm/ntlmstruct.c | 32 --------------------------------
2 files changed, 34 deletions(-)
diff --git a/ntlm/ntlm.h b/ntlm/ntlm.h
index 50a49d6..d5dae83 100644
--- a/ntlm/ntlm.h
+++ b/ntlm/ntlm.h
@@ -35,8 +35,6 @@ void ntlm_responses (unsigned char *lm_resp, unsigned char *nt_resp,
size_t ntlm_build_type_1 (char *buf, size_t buflen, unsigned int flags,
const char *domain, const char *workstation);
-size_t ntlm_build_type_2 (char *buf, size_t buflen, unsigned int flags,
- const unsigned char *nonce, const char *domain);
size_t ntlm_build_type_3 (char *buf, size_t buflen,
unsigned int flags,
const unsigned char *lm_resp,
diff --git a/ntlm/ntlmstruct.c b/ntlm/ntlmstruct.c
index dfb80de..3167da7 100644
--- a/ntlm/ntlmstruct.c
+++ b/ntlm/ntlmstruct.c
@@ -218,38 +218,6 @@ ntlm_build_type_1 (char *buf, size_t buflen, unsigned int flags,
return offset;
}
-/* Build a NTLM type 2 structure in the buffer */
-size_t
-ntlm_build_type_2 (char *buf, size_t buflen, unsigned int flags,
- const unsigned char *nonce, const char *domain)
-{
- size_t offset = T2SIZE;
- size_t len;
- char string[256];
- unsigned char *up;
-
- if (buflen < offset)
- return 0;
- memcpy (buf, NTLMSSP, 8);
- write_uint32 (buf, MSGTYPE, 2);
- up = NULL;
- len = 0;
- if (domain != NULL)
- {
- len = strlen (domain);
- if (offset + 2 * len > buflen)
- return 0;
- up = nt_unicode (lm_uccpy (string, len, domain), 2 * len);
- }
- write_string (buf, T2AUTHTARGET, &offset, up, len);
- if (up != NULL)
- free (up);
- write_uint32 (buf, T2FLAGS, flags);
- memcpy (buf + T2NONCE, nonce, 8);
- memset (buf + T2RESERVED, 0, 8);
- return offset;
-}
-
/* Build a NTLM type 3 structure in the buffer */
size_t
ntlm_build_type_3 (char *buf, size_t buflen, unsigned int flags,
--
1.8.3.1
Reference in New Issue View Git Blame Copy Permalink