sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
Code

CVE-2020-14303 Ensure an empty packet will not DoS the NBT server

Browse Source 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Andrew Bartlett 2020-06-25 11:59:54 +12:00 committed by Karolin Seeger
parent 17fc8d2bfb
commit b232a7bc54
2 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
python/samba/tests/dns_packet.py
View File

@ -156,6 +156,19 @@ class TestDnsPacketBase(TestCase):
rcode = self.decode_reply(data)['rcode']
return expected_rcode == rcode
def _test_empty_packet(self):
packet = b""
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.sendto(packet, self.server)
s.close()
# It is reasonable not to reply to an empty packet
# but it is not reasonable to render the server
# unresponsive.
ok = self._known_good_query()
self.assertTrue(ok, f"the server is unresponsive")
class TestDnsPackets(TestDnsPacketBase):
server = (SERVER, 53)
@ -174,6 +187,9 @@ class TestDnsPackets(TestDnsPacketBase):
label = b'x.' * 31 + b'x'
self._test_many_repeated_components(label, 127)
def test_empty_packet(self):
self._test_empty_packet()
class TestNbtPackets(TestDnsPacketBase):
server = (SERVER, 137)
@ -209,3 +225,6 @@ class TestNbtPackets(TestDnsPacketBase):
def test_127_half_dotty_components(self):
label = b'x.' * 31 + b'x'
self._test_many_repeated_components(label, 127)
def test_empty_packet(self):
self._test_empty_packet()

1
selftest/knownfail.d/empty-nbt Normal file
View File

@ -0,0 +1 @@
^samba.tests.dns_packet.samba.tests.dns_packet.TestNbtPackets.test_empty_packet