git.samba.org - samba.git/commit

author	Gary Lockyer <gary@catalyst.net.nz>
	Thu, 2 Apr 2020 02:25:53 +0000 (15:25 +1300)
committer	Gary Lockyer <gary@samba.org>
	Mon, 4 May 2020 02:59:32 +0000 (02:59 +0000)
commit	b0832d20163146e59586de5556a3ef75187f600f
tree	2299a228c7d3d4e797448899c8e8808b73c35605	tree
parent	f467727db5ff6a6e58d9b590e4d443a1d974b679	commit \| diff

CVE-2020-10704: libcli ldap: test recursion depth in ldap_decode_filter_tree

Add tests to check that ASN.1 ldap requests with deeply nested elements
are rejected. Previously there was no check on the on the depth of
nesting and excessive nesting could cause a stack overflow.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

libcli/ldap/tests/data/10000-or.dat	[new file with mode: 0644]	blob
libcli/ldap/tests/data/ldap-recursive.dat	[new file with mode: 0644]	blob
libcli/ldap/tests/ldap_message_test.c	[new file with mode: 0644]	blob
libcli/ldap/wscript_build		diff \| blob \| history
selftest/knownfail.d/ldap_message	[new file with mode: 0644]	blob
source4/selftest/tests.py		diff \| blob \| history