[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Patch proposal for CVE-2019-17455 (Buffer Overflow Write when libntlm ge

From: Cedric Buissart
Subject: Patch proposal for CVE-2019-17455 (Buffer Overflow Write when libntlm generates NTLM request)
Date: Mon, 9 Mar 2020 15:51:32 +0100


This vulnerability ( has
been opened for some time without a fix.

So here is a quick fix proposal : fixing the AddBytes macro by forcing
it to check the remaining buffer available before copying the data.
The advantage of doing it here is that it _should (hopefully)_ fix all
the possibly affected code paths (i.e.: all calls to AddBytes,
AddString, AddUnicodeStringLen, AddUnicodeString),
buildSmbNtlmAuthRequest & also work for tSmbNtlmAuthResponse.

*WARNING* : I didn't really test it with more than a few partial test
cases (e.g.: I didn't even check if it also works for

Please let me know if it looks good

Cedric Buissart,
Red Hat Product Security

Attachment: libntlm-CVE-2019-17455.patch
Description: Text Data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]