git.samba.org / garming / samba-autobuild / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3f95957) | patch
CVE-2018-1140 ldb_tdb: Ensure the dn in distinguishedName= is valid before use
authorAndrew Bartlett <abartlet@samba.org>
Mon, 21 May 2018 03:20:26 +0000 (15:20 +1200)
committerKarolin Seeger <kseeger@samba.org>
Tue, 14 Aug 2018 11:57:15 +0000 (13:57 +0200)
commitb27d973341144a03db8dc824bfb3e5c65868fe7e
treedd53d158a6079114e6b0c55ba5b215c4de9c9401tree
parent3f95957d6de321c803a66f3ec67a8ff09befd16dcommit | diff
CVE-2018-1140 ldb_tdb: Ensure the dn in distinguishedName= is valid before use

ldb_dn_from_ldb_val() does not validate this untrusted input, so a later
call to ldb_dn_get_casefold() can fail if the input is not valid.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
lib/ldb/ldb_key_value/ldb_kv_index.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.