From 11132035aff317b9150c30f108a4352bd47cb28a Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Fri, 13 Nov 2020 14:18:43 -0800
Subject: [PATCH] libcli: smb2: Protect debug statements against NULL being
 passed to smb2_signing_key_valid() for crypto blob.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14210

Signed-off-by: Jeremy Allison <jra@samba.org>
---
 libcli/smb/smb2_signing.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
index 7669b219bbe..9e1bdc767dd 100644
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -92,6 +92,10 @@ NTSTATUS smb2_signing_sign_pdu(struct smb2_signing_key *signing_key,
 	}
 
 	if (!smb2_signing_key_valid(signing_key)) {
+		if (signing_key == NULL) {
+			DBG_WARNING("No signing key for SMB2 signing\n");
+			return NT_STATUS_ACCESS_DENIED;
+		}
 		DBG_WARNING("Wrong session key length %zu for SMB2 signing\n",
 			    signing_key->blob.length);
 		return NT_STATUS_ACCESS_DENIED;
@@ -416,6 +420,10 @@ NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key,
 	tf = (uint8_t *)vector[0].iov_base;
 
 	if (!smb2_signing_key_valid(encryption_key)) {
+		if (encryption_key == NULL) {
+			DBG_WARNING("No encryption key for SMB2 signing\n");
+			return NT_STATUS_ACCESS_DENIED;
+		}
 		DBG_WARNING("Wrong encryption key length %zu for SMB2 signing\n",
 			    encryption_key->blob.length);
 		return NT_STATUS_ACCESS_DENIED;
@@ -625,6 +633,10 @@ NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key,
 	tf = (uint8_t *)vector[0].iov_base;
 
 	if (!smb2_signing_key_valid(decryption_key)) {
+		if (decryption_key == NULL) {
+			DBG_WARNING("No decryption key for SMB2 signing\n");
+			return NT_STATUS_ACCESS_DENIED;
+		}
 		DBG_WARNING("Wrong decryption key length %zu for SMB2 signing\n",
 			    decryption_key->blob.length);
 		return NT_STATUS_ACCESS_DENIED;
-- 
2.27.0