sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-12 20:58:37 +03:00
Code

CVE-2019-14902 repl_meta_data: Set renamed = true (and so do SD inheritance) after any rename

Browse Source 
Previously if there was a conflict, but the incoming object would still
win, this was not marked as a rename, and so inheritence was not done.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Andrew Bartlett 2019-12-06 18:26:42 +13:00 committed by Karolin Seeger
parent cf95287171
commit d257c764a7
2 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
selftest/knownfail.d/repl_secdesc
View File

@ -1,2 +1 @@
^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_object_in_conflict
^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_child_object ^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_child_object

13
source4/dsdb/samdb/ldb_modules/repl_meta_data.c
View File

@ -6195,6 +6195,19 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
* replmd_replicated_apply_search_callback()) * replmd_replicated_apply_search_callback())
*/ */
ret = replmd_replicated_handle_rename(ar, msg, ar->req, &renamed); ret = replmd_replicated_handle_rename(ar, msg, ar->req, &renamed);
/*
* This looks strange, but we must set this after any
* rename, otherwise the SD propegation will not
* happen (which might matter if we have a new parent)
*
* The additional case of calling
* replmd_op_name_modify_callback (below) is:
* - a no-op if there was no name change
* and
* - called in the default case regardless.
*/
renamed = true;
} }
if (ret != LDB_SUCCESS) { if (ret != LDB_SUCCESS) {