| commit | f3c3768d30410de8b0cc8b2ef078640bdc0864d4 | |
| author | Andrew Bartlett <abartlet@samba.org> | |
| Thu, 30 Jun 2011 04:21:51 +0000 (30 14:21 +1000) | ||
| committer | Andrew Bartlett <abartlet@samba.org> | |
| Fri, 1 Jul 2011 01:55:00 +0000 (1 03:55 +0200) | ||
| tree | d9e31e3ade9aefdea99c47e251c923785b5391f3 | treesnapshot (tar.gz zip) |
| parent | f1b1a66615bfceb4d53c11140aceba2412d0ec37 | commitdiff |
s4-dsdb guard principalName parse for invalid inputs
We need to ensure that if this parses name.name_string as just one
val, then we don't read uninitialised and possibly unallocated memory.
Found by Adam Thorn <alt36@cam.ac.uk>
While we are checking that, we need to fix the strncasecmp() check to
first check if the string is the expected length, then check for a
match against sAMAccountName-without-doller, as otherwise we will
permit a string such as machinefoo to match a sAMAccountName of
machine.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Jul 1 03:55:00 CEST 2011 on sn-devel-104
We need to ensure that if this parses name.name_string as just one
val, then we don't read uninitialised and possibly unallocated memory.
Found by Adam Thorn <alt36@cam.ac.uk>
While we are checking that, we need to fix the strncasecmp() check to
first check if the string is the expected length, then check for a
match against sAMAccountName-without-doller, as otherwise we will
permit a string such as machinefoo to match a sAMAccountName of
machine.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Jul 1 03:55:00 CEST 2011 on sn-devel-104
| source4/dsdb/samdb/ldb_modules/acl.c | diffblobblamehistory |