The branch, master has been updated via f173b4fd5f0 s3:smbd: Fix CID 1449599 replacing memcpy to memmove to avoid overflow from f1a82801692 librpc:bcrypt_rsakey_blob: exponent and modulus lengths can't be zero
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit f173b4fd5f0be3cdc89e9807aa8a4b85fb0572cf Author: Shweta Sodani <ssod...@redhat.com> Date: Fri Aug 1 11:45:52 2025 +0530 s3:smbd: Fix CID 1449599 replacing memcpy to memmove to avoid overflow Here reply_smb1_outbuf is allocating the req->outbuf buffer, hence safest way to use is memmove that has a checks for overlap instead of memcpy. This fixes coverity issue#1449599 Signed-off-by: Shweta Sodani <ssod...@redhat.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Anoop C S <anoo...@samba.org> Reviewed-by: Shwetha K Acharya <shwetha.k.acha...@ibm.com> Autobuild-User(master): Anoop C S <anoo...@samba.org> Autobuild-Date(master): Fri Aug 1 11:03:06 UTC 2025 on atb-devel-224 ----------------------------------------------------------------------- Summary of changes: source3/smbd/smb1_reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb1_reply.c b/source3/smbd/smb1_reply.c index 83b754f9c77..aff33a3501c 100644 --- a/source3/smbd/smb1_reply.c +++ b/source3/smbd/smb1_reply.c @@ -3812,7 +3812,7 @@ void error_to_writebrawerr(struct smb_request *req) reply_smb1_outbuf(req, 1, 0); - memcpy(req->outbuf, old_outbuf, smb_size); + memmove(req->outbuf, old_outbuf, smb_size); TALLOC_FREE(old_outbuf); } -- Samba Shared Repository