Fix ManagedNtlm on big-endian architectures#124598

Merged

rzikm merged 4 commits intodotnet:mainfrom

ShreyaLaxminarayan:ntlm

Feb 23, 2026

Contributor

ShreyaLaxminarayan commented Feb 19, 2026

Fixes multiple endianness bugs in ManagedNtlm that caused incorrect behavior on big-endian platforms.
Validated via existing Ntlm test cases.

ShreyaLaxminarayan and others added 2 commits

February 19, 2026 14:25


          Added big-endian support for ManagedNtlm

91fc6d6


          Merge branch 'main' into ntlm

855ba8e

github-actions bot added the area-System.Net.Security label

dotnet-policy-service bot added the community-contribution label

Contributor Author

ShreyaLaxminarayan commented Feb 19, 2026

@uweigand @giritrivedi @saitama951

Contributor

dotnet-policy-service bot commented Feb 19, 2026

Tagging subscribers to this area: @dotnet/ncl, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

build-analysis bot mentioned this pull request

[android][clr] No peer certificates when executing System.Net.Http.Functional.Tests on Android emulator #124526

Open

wfurt reviewed

View reviewed changes

src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs Outdated Show resolved Hide resolved

wfurt approved these changes

View reviewed changes

Member

wfurt left a comment

LGTM in general.

rzikm reviewed

View reviewed changes

src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs Outdated Show resolved Hide resolved

ShreyaLaxminarayan added 2 commits

February 23, 2026 07:10


          Added getters and setters to deal with endianness

5cfc009


          Fixed typo

a8cb92d

rzikm approved these changes

View reviewed changes

Member

rzikm left a comment

LGTM, Thanks!

build-analysis bot mentioned this pull request

FileSystemWatcher_SymbolicLink_TargetsDirectory_Create_IncludeSubdirectories failed with missed event #124677

Open

rzikm merged commit 84057bb into dotnet:main

86 of 90 checks passed

gfoidl reviewed

View reviewed changes

Member

gfoidl left a comment

Nit: spaces for code-style.

src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs

Comment on lines +134 to +135

		readonly get =>BitConverter.IsLittleEndian? _payloadOffset: BinaryPrimitives.ReverseEndianness(_payloadOffset);
		set =>_payloadOffset = BitConverter.IsLittleEndian? value: BinaryPrimitives.ReverseEndianness(value);

Member

gfoidl Feb 23, 2026

Nit:

Suggested change

      
                                readonly get =>BitConverter.IsLittleEndian? _payloadOffset: BinaryPrimitives.ReverseEndianness(_payloadOffset);
          
                                set =>_payloadOffset = BitConverter.IsLittleEndian? value: BinaryPrimitives.ReverseEndianness(value);
          
                                readonly get => BitConverter.IsLittleEndian? _payloadOffset: BinaryPrimitives.ReverseEndianness(_payloadOffset);
          
                                set => _payloadOffset = BitConverter.IsLittleEndian? value: BinaryPrimitives.ReverseEndianness(value);

src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs

Comment on lines +161 to +162

		readonly get =>BitConverter.IsLittleEndian? _productBuild: BinaryPrimitives.ReverseEndianness(_productBuild);
		set =>_productBuild = BitConverter.IsLittleEndian? value: BinaryPrimitives.ReverseEndianness(value);

Member

gfoidl Feb 23, 2026

Suggested change

      
                                readonly get =>BitConverter.IsLittleEndian? _productBuild: BinaryPrimitives.ReverseEndianness(_productBuild);
          
                                set =>_productBuild = BitConverter.IsLittleEndian? value: BinaryPrimitives.ReverseEndianness(value);
          
                                readonly get => BitConverter.IsLittleEndian? _productBuild: BinaryPrimitives.ReverseEndianness(_productBuild);
          
                                set => _productBuild = BitConverter.IsLittleEndian? value: BinaryPrimitives.ReverseEndianness(value);

src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs

Comment on lines +177 to +178

		readonly get =>BitConverter.IsLittleEndian? _flags: (Flags)BinaryPrimitives.ReverseEndianness((uint)_flags);
		set =>_flags = BitConverter.IsLittleEndian? value: (Flags)BinaryPrimitives.ReverseEndianness((uint)value);

Member

gfoidl Feb 23, 2026

Suggested change

      
                                readonly get =>BitConverter.IsLittleEndian? _flags: (Flags)BinaryPrimitives.ReverseEndianness((uint)_flags);
          
                                set =>_flags = BitConverter.IsLittleEndian? value: (Flags)BinaryPrimitives.ReverseEndianness((uint)value);
          
                                readonly get => BitConverter.IsLittleEndian? _flags: (Flags)BinaryPrimitives.ReverseEndianness((uint)_flags);
          
                                set => _flags = BitConverter.IsLittleEndian? value: (Flags)BinaryPrimitives.ReverseEndianness((uint)value);

dotnet-maestro bot mentioned this pull request

[main] Source code updates from dotnet/runtime dotnet/dotnet#5050

Merged

Contributor Author

ShreyaLaxminarayan commented Feb 26, 2026 •

edited

Loading

@rzikm @wfurt Unfortunately, the getters and setters method doesn't resolve the endianness issues because of MemoryMarshal.AsRef. We would have to go with the previous commit 91fc6d6. What can be done?

Member

rzikm commented Feb 26, 2026

@rzikm @wfurt Unfortunately, the getters and setters method doesn't resolve the endianness issues because of MemoryMarshal.AsRef. We would have to go with the previous commit 91fc6d6. What can be done?

Can you be more specific, what about the MemoryMarshal.AsRef is making the changes broken?

Contributor Author

ShreyaLaxminarayan commented Feb 27, 2026

MemoryMarshal.AsRef is writing the fields in little-endian, not in the correct byte order overwriting the struct fields with little-endian data.

Member

rzikm commented Feb 27, 2026

MemoryMarshal.AsRef is not writing anything, if you cast Span<byte> to e.g. ref MessageField, the getters/setters added in the PR should take care of endianness conversion on read/write. Similarly, if you create MessageField variable on it's own and copy it to a ref MessageField variable, the backing data should already have the correct endianness. Same if you cast the source MessageField to Span<byte> and copy the raw bytes to the target buffer.

Can you point to the specific piece of code where you see the problem, or give a code example where the pattern does not work?

Contributor Author

ShreyaLaxminarayan commented Feb 27, 2026

https://github.com/dotnet/runtime/blob/main/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs#L582
https://github.com/dotnet/runtime/blob/main/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs#L593

Here, challengeMessage.TargetInfo.Length and challengeMessage.TargetInfo.MaximumLength are endian flipped. Can you help me with this?

Member

rzikm commented Mar 2, 2026

I believe that is because the Length and MaximumLength fields are not corrected for endianness when reading

runtime/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs

Lines 126 to 137 in 1fd4dda

    
           [StructLayout(LayoutKind.Sequential)] 
        
           private unsafe struct MessageField 
        
           { 
        
               public ushort Length; 
        
               public ushort MaximumLength; 
        
               private int _payloadOffset; 
        
               public int PayloadOffset 
        
               { 
        
                   readonly get =>BitConverter.IsLittleEndian? _payloadOffset: BinaryPrimitives.ReverseEndianness(_payloadOffset); 
        
                   set =>_payloadOffset = BitConverter.IsLittleEndian? value: BinaryPrimitives.ReverseEndianness(value); 
        
               } 
        
           }

Copilot AI mentioned this pull request

Fix missing big-endian conversions for multi-byte NTLM wire fields #125039

Open

iremyux pushed a commit to iremyux/dotnet-runtime that referenced this pull request


          Fix ManagedNtlm on big-endian architectures (dotnet#124598)

d3dc818

Fixes multiple endianness bugs in ManagedNtlm that caused incorrect
behavior on big-endian platforms.
Validated via existing Ntlm test cases.

Contributor

saitama951 commented Mar 3, 2026 •

edited

Loading

@rzikm I think
the assertion happens here (http://148.100.85.217:8080/job/daily-builds/211/consoleFull)

runtime/src/libraries/Common/tests/System/Net/Security/FakeNtlmServer.cs

Lines 306 to 307 in c30eec2

    
           Flags flags = (Flags)BinaryPrimitives.ReadUInt32LittleEndian(incomingBlob.AsSpan(60)); 
        
           Assert.Equal(_requiredFlags, (flags & _requiredFlags));

we don't write in little endian order here, since response is of type AuthenticateMessage I don't see a getter / setter for the endianess here.

runtime/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs

Lines 645 to 646 in 7356734

    
           response.Header.MessageType = MessageType.Authenticate; 
        
           response.Flags = s_requiredFlags | (flags & Flags.NegotiateSeal);

https://github.com/dotnet/runtime/blob/main/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs#L206

while the original commit did handle this (the case where the test passed)
91fc6d6#diff-07ef1e3bc82826f3e53cb6d9d9f4efef56b93b428ebef12c806ca209063ce74bR632

The file already consists of various getters and setter, which take care of the endinanness, i.e GetField and SetField ,

runtime/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs

Lines 324 to 360 in 7356734

    
           private static unsafe int GetFieldLength(MessageField field) 
        
           { 
        
               ReadOnlySpan<byte> span = new ReadOnlySpan<byte>(&field, sizeof(MessageField)); 
        
               return BinaryPrimitives.ReadInt16LittleEndian(span); 
        
           } 
        
           private static unsafe int GetFieldOffset(MessageField field) 
        
           { 
        
               ReadOnlySpan<byte> span = new ReadOnlySpan<byte>(&field, sizeof(MessageField)); 
        
               return BinaryPrimitives.ReadInt16LittleEndian(span.Slice(4)); 
        
           } 
        
           private static ReadOnlySpan<byte> GetField(MessageField field, ReadOnlySpan<byte> payload) 
        
           { 
        
               int offset = GetFieldOffset(field); 
        
               int length = GetFieldLength(field); 
        
               if (length == 0 || offset + length > payload.Length) 
        
               { 
        
                   return ReadOnlySpan<byte>.Empty; 
        
               } 
        
               return payload.Slice(GetFieldOffset(field), GetFieldLength(field)); 
        
           } 
        
           private static unsafe void SetField(ref MessageField field, int length, int offset) 
        
           { 
        
               if (length is < 0 or > short.MaxValue) 
        
               { 
        
                   throw new Win32Exception(NTE_FAIL); 
        
               } 
        
               Span<byte> span = MemoryMarshal.AsBytes(new Span<MessageField>(ref field)); 
        
               BinaryPrimitives.WriteInt16LittleEndian(span, (short)length); 
        
               BinaryPrimitives.WriteInt16LittleEndian(span.Slice(2), (short)length); 
        
               BinaryPrimitives.WriteInt32LittleEndian(span.Slice(4), offset); 
        
           }

can't we reuse those?

ShreyaLaxminarayan added a commit to ShreyaLaxminarayan/runtime that referenced this pull request


          Fix ManagedNTLM faiures on Big endian architectures

091b9b4

- Fixed several endian bugs in ManagedNTLM implementation.
- This is a follow-up to PR dotnet#124598

ShreyaLaxminarayan mentioned this pull request

Fix ManagedNTLM failures on Big endian architecture. #125103

Closed

ShreyaLaxminarayan deleted the ntlm branch

March 3, 2026 07:27

Member

rzikm commented Mar 3, 2026

#125039 should be addressing these, let's move conversation there if necessary.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area-System.Net.Security community-contribution