sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-03 13:47:25 +03:00
Code

CVE-2022-32746 s4/dsdb/partition: Fix LDB flags comparison

Browse Source 
LDB_FLAG_MOD_* values are not actually flags, and the previous
comparison was equivalent to

(req_msg->elements[el_idx].flags & LDB_FLAG_MOD_MASK) != 0

which is true whenever any of the LDB_FLAG_MOD_* values are set. Correct
the expression to what it was probably intended to be.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This commit is contained in:
Joseph Sutton 2022-06-21 14:41:02 +12:00 committed by Jule Anger
parent 852a79c63c
commit d178a06140
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
source4/dsdb/samdb/ldb_modules/partition.c
View File

@ -493,8 +493,8 @@ static int partition_copy_all_callback_action(
* them here too
*/
for (el_idx=0; el_idx < req_msg->num_elements; el_idx++) {
if (req_msg->elements[el_idx].flags & LDB_FLAG_MOD_DELETE
|| ((req_msg->elements[el_idx].flags & LDB_FLAG_MOD_REPLACE) &&
if (LDB_FLAG_MOD_TYPE(req_msg->elements[el_idx].flags) == LDB_FLAG_MOD_DELETE
|| ((LDB_FLAG_MOD_TYPE(req_msg->elements[el_idx].flags) == LDB_FLAG_MOD_REPLACE) &&
req_msg->elements[el_idx].num_values == 0)) {
if (ldb_msg_find_element(modify_msg,
req_msg->elements[el_idx].name) != NULL) {