From b60b85c55295b1e7ba41a5e835345af28cdd3592 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Thu, 22 Sep 2011 13:42:56 -0700
Subject: [PATCH] Fix bug #8477 - Map to guest can return uninitialized blob of
 data.

Found by Codenomicon at SNIA SDC.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Sep 23 03:19:46 CEST 2011 on sn-devel-104
(cherry picked from commit f0f91d0117b2ccf778382e61a411b5e4f0ea2b14)
---
 source3/smbd/smb2_sesssetup.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 6649cfb59a2..49aabdb7a7a 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -57,7 +57,7 @@ NTSTATUS smbd_smb2_request_process_sesssetup(struct smbd_smb2_request *smb2req)
 	uint16_t out_session_flags;
 	uint64_t out_session_id;
 	uint16_t out_security_offset;
-	DATA_BLOB out_security_buffer;
+	DATA_BLOB out_security_buffer = data_blob_null;
 	NTSTATUS status;
 
 	inhdr = (const uint8_t *)smb2req->in.vector[i+0].iov_base;
@@ -679,6 +679,8 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session,
 	NTSTATUS status;
 	DATA_BLOB secblob_out = data_blob_null;
 
+	*out_security_buffer = data_blob_null;
+
 	if (session->auth_ntlmssp_state == NULL) {
 		status = auth_ntlmssp_start(&session->auth_ntlmssp_state);
 		if (!NT_STATUS_IS_OK(status)) {
-- 
2.11.4.GIT