| commit | d4ef858ec112149f5ab5504d6367aa60d52446f5 | |
| author | Michael Hanselmann <public@hansmi.ch> | |
| Sun, 17 Mar 2019 12:49:20 +0000 (17 13:49 +0100) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Tue, 2 Apr 2019 09:10:56 +0000 (2 09:10 +0000) | ||
| tree | 6871069db30448b0a42ae8d5323454f3db3b59ce | treesnapshot (tar.gz zip) |
| parent | bf6a85178205b777274136cd2c2ace62a8f1a17d | commitdiff |
regfio: Improve handling of malformed registry hive files
* next_record: A malformed file can lead to an endless loop.
* regfio_rootkey: Supplying a malformed registry hive file to the
registry hive I/O code can lead to out-of-bounds reads.
Test cases are included. Both issues resolved have been identified using
AddressSanitizer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13840
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 601afd690346087fbd53819dba9b1afa81560064)
* next_record: A malformed file can lead to an endless loop.
* regfio_rootkey: Supplying a malformed registry hive file to the
registry hive I/O code can lead to out-of-bounds reads.
Test cases are included. Both issues resolved have been identified using
AddressSanitizer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13840
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 601afd690346087fbd53819dba9b1afa81560064)
| source3/registry/regfio.c | diffblobblamehistory | |
| source3/registry/tests/test_regfio.c | diffblobblamehistory | |
| testdata/samba3/regfio_corrupt_hbin1.dat | [new file with mode: 0644] | blob |
| testdata/samba3/regfio_corrupt_lf_subkeys.dat | [new file with mode: 0644] | blob |