mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
lib/fuzzing: adjust access-check seed patch
Now that access_check.c includes headers for conditional ACEs, the patch should take that into account. Also, we check for a talloc failure. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
ea4caa45ab
commit
cc17c3e21d
@ -1,4 +1,4 @@
|
||||
From bf2adac3a271fae551a726dc21dc9111bd7320be Mon Sep 17 00:00:00 2001
|
||||
From b461fdf28c71b54ad5ebe663ea09212856e61973 Mon Sep 17 00:00:00 2001
|
||||
From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
||||
Date: Mon, 17 Jul 2023 16:17:16 +1200
|
||||
Subject: [PATCH 1/2] libcli/security: save access check attempts for fuzz
|
||||
@ -36,23 +36,23 @@ down much, but it will capture your SIDs and ACLs.
|
||||
|
||||
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
||||
---
|
||||
libcli/security/access_check.c | 76 ++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 76 insertions(+)
|
||||
libcli/security/access_check.c | 79 ++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 79 insertions(+)
|
||||
|
||||
diff --git a/libcli/security/access_check.c b/libcli/security/access_check.c
|
||||
index 81bacc90e78..9c3e4cfe966 100644
|
||||
index 1364a15f4dd..d79a247455a 100644
|
||||
--- a/libcli/security/access_check.c
|
||||
+++ b/libcli/security/access_check.c
|
||||
@@ -24,6 +24,8 @@
|
||||
#include "replace.h"
|
||||
#include "lib/util/debug.h"
|
||||
@@ -26,6 +26,8 @@
|
||||
#include "libcli/security/security.h"
|
||||
#include "librpc/gen_ndr/conditional_ace.h"
|
||||
#include "libcli/security/conditional_ace.h"
|
||||
+#include "ndr/libndr.h"
|
||||
+#include "gen_ndr/ndr_security.h"
|
||||
|
||||
/* Map generic access rights to object specific rights. This technique is
|
||||
used to give meaning to assigning read, write, execute and all access to
|
||||
@@ -103,6 +105,74 @@ void se_map_standard(uint32_t *access_mask, const struct standard_mapping *mappi
|
||||
@@ -105,6 +107,77 @@ void se_map_standard(uint32_t *access_mask, const struct standard_mapping *mappi
|
||||
}
|
||||
}
|
||||
|
||||
@ -101,6 +101,9 @@ index 81bacc90e78..9c3e4cfe966 100644
|
||||
+ }
|
||||
+ }
|
||||
+ tmp_ctx = talloc_new(NULL);
|
||||
+ if (tmp_ctx == NULL) {
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ n++;
|
||||
+ ndr_err = ndr_push_struct_blob(
|
||||
@ -127,7 +130,7 @@ index 81bacc90e78..9c3e4cfe966 100644
|
||||
/*
|
||||
perform a SEC_FLAG_MAXIMUM_ALLOWED access check
|
||||
*/
|
||||
@@ -115,6 +185,8 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
|
||||
@@ -117,6 +190,8 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
|
||||
bool have_owner_rights_ace = false;
|
||||
unsigned i;
|
||||
|
||||
@ -136,7 +139,7 @@ index 81bacc90e78..9c3e4cfe966 100644
|
||||
if (sd->dacl == NULL) {
|
||||
if (security_token_has_sid(token, sd->owner_sid)) {
|
||||
switch (implicit_owner_rights) {
|
||||
@@ -211,6 +283,8 @@ static NTSTATUS se_access_check_implicit_owner(const struct security_descriptor
|
||||
@@ -222,6 +297,8 @@ static NTSTATUS se_access_check_implicit_owner(const struct security_descriptor
|
||||
bool am_owner = false;
|
||||
bool have_owner_rights_ace = false;
|
||||
|
||||
@ -145,7 +148,7 @@ index 81bacc90e78..9c3e4cfe966 100644
|
||||
*access_granted = access_desired;
|
||||
bits_remaining = access_desired;
|
||||
|
||||
@@ -528,6 +602,8 @@ NTSTATUS sec_access_check_ds_implicit_owner(const struct security_descriptor *sd
|
||||
@@ -613,6 +690,8 @@ NTSTATUS sec_access_check_ds_implicit_owner(const struct security_descriptor *sd
|
||||
uint32_t bits_remaining;
|
||||
struct dom_sid self_sid;
|
||||
|
||||
@ -158,7 +161,7 @@ index 81bacc90e78..9c3e4cfe966 100644
|
||||
2.34.1
|
||||
|
||||
|
||||
From d79328bdac90ed16b9162cbfe10a4ed8bedbc073 Mon Sep 17 00:00:00 2001
|
||||
From 12bf242cece202658fe61f1c7408709d092632ea Mon Sep 17 00:00:00 2001
|
||||
From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
||||
Date: Tue, 18 Jul 2023 16:07:11 +1200
|
||||
Subject: [PATCH 2/2] scripts: a script for deduplicating fuzz-seeds
|
||||
|
Loading…
Reference in New Issue
Block a user