pass is a local. The quoted code can never be correct.
The correct fix is to take away the offending line, and stop trying
to print the value as a string. It is not. It is a 24 bytes binary
blob.
And you really should not be using the lmresponse if there is a NTLM
response. But for this you need other hooks into smbval, or get rid
of smbval entirely.
Regards
Henrik
On Sunday 10 March 2002 12:41, Robert Collins wrote:
> > -----Original Message-----
> > From: Guido Serassio [mailto:serassio@libero.it]
> > Sent: Sunday, March 10, 2002 10:12 PM
> > To: squid-dev@squid-cache.org
> > Subject: NTLM - compile warning, may be a bug
> >
> >
> > Hi,
> >
> > Compiling 2.5 with the Compaq CCC on my Alpha Linux, I get
> > the following
> > suspect warning in the
> > src\auth\ntlm\helpers\NTLMSSP\libntlmssp.c file:
> >
> > cc: Info: libntlmssp.c, line 242: In this statement, an array
> > is being
> > accessed outside th
> > e bounds specified for the array type. (subscrbounds)
> > pass[25] = '\0';
> > ---------^
> >
> > But at line 200 pass[] is declared:
> >
> > char pass[25] /*, encrypted_pass[40] */;
> >
> > So, I think that this can be wrong.
>
> It's not pretty, but IIRC the next field is already grabbed or
> used. The fields in the transitted structure are not STRZ fields,
> but fixed length arrays - so this is correct.
>
> Rob
Received on Sun Mar 10 2002 - 08:18:24 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:51 MST