sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-11 16:58:40 +03:00
Code

CVE-2023-0614 s4-acl: Avoid calling dsdb_module_am_system() if we can help it

Browse Source 
If the AS_SYSTEM control is present, we know we have system privileges,
and have no need to call dsdb_module_am_system().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Joseph Sutton 2023-02-27 13:31:44 +13:00 committed by Jule Anger
parent 9447c4e81e
commit 353d3df3dd
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
source4/dsdb/samdb/ldb_modules/acl_read.c
View File

@ -860,7 +860,7 @@ static int aclread_search(struct ldb_module *module, struct ldb_request *req)
int ret;
struct aclread_context *ac;
struct ldb_request *down_req;
struct ldb_control *as_system = ldb_request_get_control(req, LDB_CONTROL_AS_SYSTEM_OID);
bool am_system;
struct ldb_result *res;
struct aclread_private *p;
bool need_sd = false;
@ -877,11 +877,16 @@ static int aclread_search(struct ldb_module *module, struct ldb_request *req)
ldb = ldb_module_get_ctx(module);
p = talloc_get_type(ldb_module_get_private(module), struct aclread_private);
am_system = ldb_request_get_control(req, LDB_CONTROL_AS_SYSTEM_OID) != NULL;
if (!am_system) {
am_system = dsdb_module_am_system(module);
}
/* skip access checks if we are system or system control is supplied
* or this is not LDAP server request */
if (!p || !p->enabled ||
dsdb_module_am_system(module)
|| as_system || !is_untrusted) {
am_system ||
!is_untrusted) {
return ldb_next_request(module, req);
}
/* no checks on special dn */