| commit | b3a71bf847e3797582a2c657720726694fe424ba | |
| author | Björn Baumbach <bb@sernet.de> | |
| Tue, 6 Aug 2019 14:32:32 +0000 (6 16:32 +0200) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Thu, 24 Oct 2019 08:52:36 +0000 (24 10:52 +0200) | ||
| tree | ab81ab30f4b7dce437b5ba54c231156ff62e9876 | treesnapshot (tar.gz zip) |
| parent | e0e8830b88e45e3e954b1e5074cef8c8bf5406a8 | commitdiff |
CVE-2019-14833 dsdb: send full password to check password script
utf8_len represents the number of characters (not bytes) of the
password. If the password includes multi-byte characters it is required
to write the total number of bytes to the check password script.
Otherwise the last bytes of the password string would be ignored.
Therefore we rename utf8_len to be clear what it does and does
not represent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
utf8_len represents the number of characters (not bytes) of the
password. If the password includes multi-byte characters it is required
to write the total number of bytes to the check password script.
Otherwise the last bytes of the password string would be ignored.
Therefore we rename utf8_len to be clear what it does and does
not represent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
| selftest/knownfail.d/unacceptable-passwords | [deleted file] | blobblamehistory |
| source4/dsdb/common/util.c | diffblobblamehistory |