From c189f6a54f36f5b6f7734303db3cfc52311aab5f Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Tue, 14 Aug 2012 20:47:22 +0200
Subject: Validate NTLM challenge fields.

This is to avoid reading from bad locations, and possibly conveying
confidential data. Credit to Nico Golde.
---
 ntlm.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'ntlm.h')

diff --git a/ntlm.h b/ntlm.h
index 14696335..ad835201 100644
--- a/ntlm.h
+++ b/ntlm.h
@@ -32,8 +32,8 @@ uint32        msgType;
 tSmbStrHeader    uDomain;
 uint32        flags;
 uint8         challengeData[8];
-uint8         reserved[8];
-tSmbStrHeader    emptyString;
+uint32        context[2];
+tSmbStrHeader    targetInfo;
 uint8         buffer[1024];
 uint32        bufIndex;
 }tSmbNtlmAuthChallenge;
-- 
cgit v1.2.3