This just ensures we reject (rather than div-by-0) a corrupt
DB with a zero hash size.
Found with american fuzzy lop
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Dec 18 08:26:25 CET 2015 on sn-devel-144
errno = ENOSYS;
goto fail;
}
+
+ if (header.hash_size == 0) {
+ TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_open_ex: invalid database: 0 hash_size\n"));
+ errno = ENOSYS;
+ goto fail;
+ }
+
tdb->hash_size = header.hash_size;
if (header.rwlocks == TDB_FEATURE_FLAG_MAGIC) {