39 lines
1.2 KiB
Diff
39 lines
1.2 KiB
Diff
From f72090064bd674ea3a6d6b2e7556a9a85bb01df6 Mon Sep 17 00:00:00 2001
|
|
From: Joseph Sutton <josephsutton@catalyst.net.nz>
|
|
Date: Thu, 26 Aug 2021 13:53:23 +1200
|
|
Subject: [PATCH] CVE-2021-3670 ldap_server: Set timeout on requests based on
|
|
MaxQueryDuration
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14694
|
|
|
|
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
|
|
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
(cherry picked from commit 86fe9d48883f87c928bf31ccbd275db420386803)
|
|
---
|
|
source4/ldap_server/ldap_backend.c | 12 +++++++++++-
|
|
1 file changed, 11 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
|
|
index e19f82cf5dfa..c7405f666437 100644
|
|
--- a/source4/ldap_server/ldap_backend.c
|
|
+++ b/source4/ldap_server/ldap_backend.c
|
|
@@ -869,7 +869,17 @@ static NTSTATUS ldapsrv_SearchRequest(struct ldapsrv_call *call)
|
|
}
|
|
}
|
|
|
|
- ldb_set_timeout(samdb, lreq, req->timelimit);
|
|
+ {
|
|
+ time_t timeout = call->conn->limits.search_timeout;
|
|
+
|
|
+ if (timeout == 0
|
|
+ || (req->timelimit != 0
|
|
+ && req->timelimit < timeout))
|
|
+ {
|
|
+ timeout = req->timelimit;
|
|
+ }
|
|
+ ldb_set_timeout(samdb, lreq, timeout);
|
|
+ }
|
|
|
|
if (!call->conn->is_privileged) {
|
|
ldb_req_mark_untrusted(lreq);
|