File tree Expand file tree Collapse file tree 1 file changed +8
-0
lines changed
lib/msf/core/exploit/smb/client Expand file tree Collapse file tree 1 file changed +8
-0
lines changed Original file line number Diff line number Diff line change @@ -164,6 +164,10 @@ def modify_token()
164164 end
165165
166166 def write_what_where ( what , where )
167+ if where == 0
168+ raise MS17_010_Error , 'Attempted to write to a NULL pointer!'
169+ end
170+
167171 # modify trans2.InData on trans1 mid
168172 pkt = create_nt_trans_secondary_packet ( mid : @ctx [ 'trans1_mid' ] ,
169173 data : [ where ] . pack ( @ctx [ 'PTR_FMT' ] ) ,
@@ -178,6 +182,10 @@ def write_what_where(what, where)
178182 end
179183
180184 def read_data ( read_addr , read_size )
185+ if read_addr == 0
186+ raise MS17_010_Error , 'Attempted to read from a NULL pointer!'
187+ end
188+
181189 fmt = @ctx [ 'PTR_FMT' ]
182190 # modify trans2.OutParameter to leak next transaction and trans2.OutData to leak real data
183191 # modify trans2.*ParameterCount and trans2.*DataCount to limit data
You can’t perform that action at this time.
0 commit comments