sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-06 13:18:07 +03:00
Code

CVE-2022-32746 s4/dsdb/repl_meta_data: Use LDB_FLAG_MOD_TYPE() for flags equality check

Browse Source 
Now unrelated flags will no longer affect the result.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This commit is contained in:
Joseph Sutton 2022-06-14 19:49:19 +12:00 committed by Jule Anger
parent 2869b5aa31
commit 535b5a366a
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
source4/dsdb/samdb/ldb_modules/repl_meta_data.c
View File

@ -3525,7 +3525,7 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req)
return ldb_module_operr(module);
}
if (req->op.mod.message->elements[0].flags != LDB_FLAG_MOD_REPLACE) {
if (LDB_FLAG_MOD_TYPE(req->op.mod.message->elements[0].flags) != LDB_FLAG_MOD_REPLACE) {
return ldb_module_operr(module);
}
@ -3558,11 +3558,11 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req)
return ldb_module_operr(module);
}
if (req->op.mod.message->elements[0].flags != LDB_FLAG_MOD_DELETE) {
if (LDB_FLAG_MOD_TYPE(req->op.mod.message->elements[0].flags) != LDB_FLAG_MOD_DELETE) {
return ldb_module_operr(module);
}
if (req->op.mod.message->elements[1].flags != LDB_FLAG_MOD_ADD) {
if (LDB_FLAG_MOD_TYPE(req->op.mod.message->elements[1].flags) != LDB_FLAG_MOD_ADD) {
return ldb_module_operr(module);
}
@ -3645,7 +3645,7 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req)
return ldb_module_operr(module);
}
if (msg->elements[0].flags != LDB_FLAG_MOD_ADD) {
if (LDB_FLAG_MOD_TYPE(msg->elements[0].flags) != LDB_FLAG_MOD_ADD) {
talloc_free(ac);
return ldb_module_operr(module);
}