github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2024-11-26 17:41:08 +01:00
Code Releases Activity

fix copy error

Browse Source 
use strncpy not memcpy to transfer the re-encoded
name and description into our account object.
also use sizeof for precise copy size. eliminates lingering
errors

MSP-12356
This commit is contained in:
David Maloney 2015-06-02 12:44:49 -05:00
parent 84cea10260
commit 2b07377328
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
c/meterpreter/source/extensions/priv/server/ntds_jet.c
View File

@ -225,7 +225,7 @@ JET_ERR read_user(struct jetState *ntdsState, struct ntdsColumns *accountColumns
if (readStatus != JET_errSuccess){
return readStatus;
}
memcpy(&userAccount->accountName, wchar_to_utf8(accountName), 20);
strncpy(userAccount->accountName, wchar_to_utf8(accountName), sizeof(userAccount->accountName));
// Grab the Account Description here
wchar_t accountDescription[1024] = { 0x00 };
readStatus = JetRetrieveColumn(ntdsState->jetSession, ntdsState->jetTable, accountColumns->accountDescription.columnid, &accountDescription, sizeof(accountDescription), &columnSize, 0, NULL);
@ -235,7 +235,7 @@ JET_ERR read_user(struct jetState *ntdsState, struct ntdsColumns *accountColumns
else if (readStatus != JET_errSuccess){
return readStatus;
}
memcpy(&userAccount->accountDescription, wchar_to_utf8(accountDescription), 1024);
strncpy(userAccount->accountDescription, wchar_to_utf8(accountDescription), sizeof(userAccount->accountDescription));
// Grab the UserAccountControl flags here
readStatus = JetRetrieveColumn(ntdsState->jetSession, ntdsState->jetTable, accountColumns->accountControl.columnid, &accountControl, sizeof(accountControl), &columnSize, 0, NULL);
if (readStatus != JET_errSuccess){