packages/samba
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
samba/backport-0030-CVE-2020-25722-s4-dsdb-samldb-samldb_fsmo_role_owner.patch
haochenstar 8378df4821 fix CVE-2020-25717,CVE-2020-25718,CVE-2020-25719,CVE-2020-25721,CVE-2020-25722,CVE-2016-2124,CVE-2021-3738 
(cherry picked from commit aee849c6c0708056f62f6445e3b5274d1cec6408)
2022-01-19 11:41:35 +08:00

64 lines
1.9 KiB
Diff
Raw Blame History

From 2a57c6e2f6a11698054afb2d9b173e5627eabb89 Mon Sep 17 00:00:00 2001
From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Date: Thu, 21 Oct 2021 12:52:07 +1300
Subject: [PATCH 170/266] CVE-2020-25722 s4/dsdb/samldb:
samldb_fsmo_role_owner_check() wants one value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14876
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Conflict:NA
Reference:https://gitlab.com/samba-team/samba/-/commit/2a57c6e2f6a11698054afb2d9b173e5627eabb89
---
source4/dsdb/samdb/ldb_modules/samldb.c | 17 ++++++++++++-----
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index d75277b3853..810365ca030 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -4315,6 +4315,9 @@ static int samldb_fsmo_role_owner_check(struct samldb_ctx *ac)
/* we are not affected */
return LDB_SUCCESS;
}
+ if (el->num_values != 1) {
+ goto choose_error_code;
+ }
/* Create a temporary message for fetching the "fSMORoleOwner" */
tmp_msg = ldb_msg_new(ac->msg);
@@ -4331,11 +4334,7 @@ static int samldb_fsmo_role_owner_check(struct samldb_ctx *ac)
if (res_dn == NULL) {
ldb_set_errstring(ldb,
"samldb: 'fSMORoleOwner' attributes have to reference 'nTDSDSA' entries!");
- if (ac->req->operation == LDB_ADD) {
- return LDB_ERR_CONSTRAINT_VIOLATION;
- } else {
- return LDB_ERR_UNWILLING_TO_PERFORM;
- }
+ goto choose_error_code;
}
/* Fetched DN has to reference a "nTDSDSA" entry */
@@ -4355,6 +4354,14 @@ static int samldb_fsmo_role_owner_check(struct samldb_ctx *ac)
talloc_free(res);
return LDB_SUCCESS;
+
+choose_error_code:
+ /* this is just how it is */
+ if (ac->req->operation == LDB_ADD) {
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ } else {
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
}
/*
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink