packages/samba
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
samba/CVE-2020-10730-6.patch

36 lines
1.2 KiB
Diff
Raw Blame History

From c7608e43c933d9a33d94e32371080e64cc1d4fcb Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 6 May 2020 17:05:30 +1200
Subject: [PATCH 06/22] CVE-2020-10730: dsdb: Fix crash when vlv and
paged_results are combined
The GUID is not returned in the DN for some reason in this (to be banned)
combination.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
---
source4/dsdb/samdb/ldb_modules/paged_results.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/source4/dsdb/samdb/ldb_modules/paged_results.c b/source4/dsdb/samdb/ldb_modules/paged_results.c
index dc211dd18ce..f720a2e4337 100644
--- a/source4/dsdb/samdb/ldb_modules/paged_results.c
+++ b/source4/dsdb/samdb/ldb_modules/paged_results.c
@@ -416,6 +416,10 @@ static int paged_search_callback(struct ldb_request *req,
guid_blob = ldb_dn_get_extended_component(ares->message->dn,
"GUID");
+ if (guid_blob == NULL) {
+ return ldb_module_done(ac->req, NULL, NULL,
+ LDB_ERR_OPERATIONS_ERROR);
+ }
status = GUID_from_ndr_blob(guid_blob, &guid);
if (!NT_STATUS_IS_OK(status)) {
return ldb_module_done(ac->req, NULL, NULL,
--
2.17.1
Reference in New Issue View Git Blame Copy Permalink