| commit | 4f86beeaf3408383385ee99a74520a805dd63c0f | |
| author | Tim Beale <timbeale@catalyst.net.nz> | |
| Mon, 12 Nov 2018 23:24:16 +0000 (13 12:24 +1300) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Sun, 25 Nov 2018 13:47:06 +0000 (25 14:47 +0100) | ||
| tree | 06bba40d5f5db0f7fc3f4fb2b91e8908dabac0ef | treesnapshot (tar.gz zip) |
| parent | ec9cc4ed5a05490297cde3fcaac50eeeaaca8469 | commitdiff |
CVE-2018-16857 dsdb/util: Correctly treat lockOutObservationWindow as 64-bit int
Commit 442a38c918ae1666b35 refactored some code into a new
get_lockout_observation_window() function. However, in moving the code,
an ldb_msg_find_attr_as_int64() inadvertently got converted to a
ldb_msg_find_attr_as_int().
ldb_msg_find_attr_as_int() will only work for values up to -2147483648
(about 3.5 minutes in MS timestamp form). Unfortunately, the automated
tests used a low enough timeout that they still worked, however,
password lockout would not work with the Samba default settings.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Commit 442a38c918ae1666b35 refactored some code into a new
get_lockout_observation_window() function. However, in moving the code,
an ldb_msg_find_attr_as_int64() inadvertently got converted to a
ldb_msg_find_attr_as_int().
ldb_msg_find_attr_as_int() will only work for values up to -2147483648
(about 3.5 minutes in MS timestamp form). Unfortunately, the automated
tests used a low enough timeout that they still worked, however,
password lockout would not work with the Samba default settings.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| selftest/knownfail.d/password_lockout | diffblobblamehistory | |
| source4/dsdb/common/util.c | diffblobblamehistory |