| commit | 9a3ee861e43f84d48ef47998ceeb3bbf29f0c948 | |
| author | Jeremy Allison <jra@samba.org> | |
| Thu, 21 Mar 2019 21:51:30 +0000 (21 14:51 -0700) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Fri, 5 Apr 2019 07:14:54 +0000 (5 09:14 +0200) | ||
| tree | 01ab5c5c8e0395487fe3a553677272d933bceb6e | treesnapshot (tar.gz zip) |
| parent | 2d67f62153b6961df4b0172231dc5508031f8861 | commitdiff |
CVE-2019-3880 s3: rpc: winreg: Remove implementations of SaveKey/RestoreKey.
The were not using VFS backend calls and could only work
locally, and were unsafe against symlink races and other
security issues.
If the incoming handle is valid, return WERR_BAD_PATHNAME.
[MS-RRP] states "The format of the file name is implementation-specific"
so ensure we don't allow this.
As reported by Michael Hanselmann.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13851
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The were not using VFS backend calls and could only work
locally, and were unsafe against symlink races and other
security issues.
If the incoming handle is valid, return WERR_BAD_PATHNAME.
[MS-RRP] states "The format of the file name is implementation-specific"
so ensure we don't allow this.
As reported by Michael Hanselmann.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13851
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| source3/rpc_server/winreg/srv_winreg_nt.c | diffblobblamehistory |