I have downloaded mod_ntlm_winbind "somwhere" from the samba-site. Seems that it is not maintained (any more). Does anyone know of an alternative module for mod_ntlm_winbind that works ? If not, I'd like to maintain this module (What do I have to do ?)
However, I found a bug in the ntlmssp.c file, line 150 (or 224, see explanation) 148: unsigned o = little_endian_word(off); 149: unsigned l = little_endian_word(len) / 2; /* Unicode! */ 150: if (l > max) 151: return -1; 152: if (o >= srclen) 153: return -1; 154: if (o + l > srclen) 155: return -1; The function [ntlm_msg3_getusername] (line 219) calls the function [ntlm_extract_unicode] with the max-parameter assigned to MAX_USERLEN. MAX_USERLEN has the value 21 (20 characters for username). The problem is, that the username is in unicode, so the line 150 should be something like the following (?): 149: unsigned l = little_endian_word(len) / 2; /* Unicode! */ 150: if (l > max*2) 151: return -1; regards, ____________________________________________________________________________ ____ Georg Weber Senior Engineer - Software Development Infineon Technologies IFDA IT RD Microelectronic Design Centers phone: +43 4242 305-6065 Austria GmbH fax: +43 4242 3020-6065 Siemensstr. 2, 9500 Villach, Austria mailto: [EMAIL PROTECTED] http://www.infineon.com/ezmvi
