sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-12-12 12:23:50 +03:00
Code Activity

CVE-2019-12435 rpc/dns: avoid NULL deference if zone not found in DnssrvOperation

Browse Source 
We still want to return DOES_NOT_EXIST when request_filter is not 0.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13922

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Douglas Bagnall
2019-05-22 12:58:01 +12:00
committed by Karolin Seeger
parent f04260ce02
commit 7ea74d55ad
2 changed files with 31 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
python/samba/tests/dcerpc/dnsserver.py
View File

@@ -28,6 +28,7 @@ from samba.dcerpc import dnsp, dnsserver, security
from samba.tests import RpcInterfaceTestCase, env_get_var_value
from samba.netcmd.dns import ARecord, AAAARecord, PTRRecord, CNameRecord, NSRecord, MXRecord, SRVRecord, TXTRecord
from samba import sd_utils, descriptor
from samba import WERRORError, werror
class DnsserverTests(RpcInterfaceTestCase):
@@ -707,6 +708,30 @@ class DnsserverTests(RpcInterfaceTestCase):
'ServerInfo')
self.assertEquals(dnsserver.DNSSRV_TYPEID_SERVER_INFO, typeid)
# This test is to confirm that we do not support multizone operations,
# which are designated by a non-zero dwContext value (the 3rd argument
# to DnssrvOperation).
def test_operation_invalid(self):
non_zone = 'a-zone-that-does-not-exist'
typeid = dnsserver.DNSSRV_TYPEID_NAME_AND_PARAM
name_and_param = dnsserver.DNS_RPC_NAME_AND_PARAM()
name_and_param.pszNodeName = 'AllowUpdate'
name_and_param.dwParam = dnsp.DNS_ZONE_UPDATE_SECURE
try:
res = self.conn.DnssrvOperation(self.server,
non_zone,
1,
'ResetDwordProperty',
typeid,
name_and_param)
except WERRORError as e:
if e.args[0] == werror.WERR_DNS_ERROR_ZONE_DOES_NOT_EXIST:
return
# We should always encounter a DOES_NOT_EXIST error.
self.fail()
def test_operation2(self):
client_version = dnsserver.DNS_CLIENT_VERSION_LONGHORN
rev_zone = '1.168.192.in-addr.arpa'