1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

CVE-2018-1057: s4:dsdb/acl: remove unused else branches in acl_check_password_rights()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Ralph Boehme 2018-02-15 17:38:31 +01:00 committed by Stefan Metzmacher
parent 2fea9ee701
commit 39e689aa70

View File

@ -1016,14 +1016,24 @@ static int acl_check_password_rights(TALLOC_CTX *mem_ctx,
sid);
goto checked;
}
else if (rep_attr_cnt > 0 || (add_attr_cnt != del_attr_cnt)) {
if (rep_attr_cnt > 0) {
ret = acl_check_extended_right(tmp_ctx, sd, acl_user_token(module),
GUID_DRS_FORCE_CHANGE_PASSWORD,
SEC_ADS_CONTROL_ACCESS,
sid);
goto checked;
}
else if (add_attr_cnt == 1 && del_attr_cnt == 1) {
if (add_attr_cnt != del_attr_cnt) {
ret = acl_check_extended_right(tmp_ctx, sd, acl_user_token(module),
GUID_DRS_FORCE_CHANGE_PASSWORD,
SEC_ADS_CONTROL_ACCESS,
sid);
goto checked;
}
if (add_attr_cnt == 1 && del_attr_cnt == 1) {
ret = acl_check_extended_right(tmp_ctx, sd, acl_user_token(module),
GUID_DRS_USER_CHANGE_PASSWORD,
SEC_ADS_CONTROL_ACCESS,