sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code

CVE-2019-10218 - s3: libsmb: Protect SMB2 client code from evil server returned names.

Browse Source 
Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071

Signed-off-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Jeremy Allison 2019-08-06 12:08:09 -07:00 committed by Karolin Seeger
parent 9f7a622b2b
commit 7ccc302b4b
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
source3/libsmb/cli_smb2_fnum.c
View File

@ -1442,6 +1442,13 @@ NTSTATUS cli_smb2_list(struct cli_state *cli,
goto fail;
}
/* Protect against server attack. */
status = is_bad_finfo_name(cli, finfo);
if (!NT_STATUS_IS_OK(status)) {
smbXcli_conn_disconnect(cli->conn, status);
goto fail;
}
if (dir_check_ftype((uint32_t)finfo->mode,
(uint32_t)attribute)) {
/*