sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-26 01:49:31 +03:00
Code Activity

CVE-2023-4154 librpc ndr/py_security: Export ACE deletion functions to python

Browse Source 
Exported security_descriptor_sacl_del and security_descriptor_dacl_del as new methods of the
security descriptor class to python.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424

Signed-off-by: Christian Merten <christian@merten.dev>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 84a54d2fa2)
This commit is contained in:
Christian Merten
2022-09-19 23:01:34 +02:00
committed by Jule Anger
parent 8c0be1d17a
commit d7034c4194
1 changed files with 51 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
source4/librpc/ndr/py_security.c
View File

@ -234,6 +234,52 @@ static PyObject *py_descriptor_sacl_del(PyObject *self, PyObject *args)
Py_RETURN_NONE;
}
static PyObject *py_descriptor_dacl_del_ace(PyObject *self, PyObject *args)
{
struct security_descriptor *desc = pytalloc_get_ptr(self);
NTSTATUS status;
struct security_ace *ace = NULL;
PyObject *py_ace = Py_None;
if (!PyArg_ParseTuple(args, "O!", &security_ace_Type, &py_ace))
return NULL;
if (!PyObject_TypeCheck(py_ace, &security_ace_Type)) {
PyErr_SetString(PyExc_TypeError,
"expected security.security_ace "
"for first argument to .dacl_del_ace");
return NULL;
}
ace = pytalloc_get_ptr(py_ace);
status = security_descriptor_dacl_del_ace(desc, ace);
PyErr_NTSTATUS_IS_ERR_RAISE(status);
Py_RETURN_NONE;
}
static PyObject *py_descriptor_sacl_del_ace(PyObject *self, PyObject *args)
{
struct security_descriptor *desc = pytalloc_get_ptr(self);
NTSTATUS status;
struct security_ace *ace = NULL;
PyObject *py_ace = Py_None;
if (!PyArg_ParseTuple(args, "O!", &security_ace_Type, &py_ace))
return NULL;
if (!PyObject_TypeCheck(py_ace, &security_ace_Type)) {
PyErr_SetString(PyExc_TypeError,
"expected security.security_ace "
"for first argument to .sacl_del_ace");
return NULL;
}
ace = pytalloc_get_ptr(py_ace);
status = security_descriptor_sacl_del_ace(desc, ace);
PyErr_NTSTATUS_IS_ERR_RAISE(status);
Py_RETURN_NONE;
}
static PyObject *py_descriptor_new(PyTypeObject *self, PyObject *args, PyObject *kwargs)
{
return pytalloc_steal(self, security_descriptor_initialise(NULL));
@ -302,7 +348,11 @@ static PyMethodDef py_descriptor_extra_methods[] = {
NULL },
{ "sacl_del", (PyCFunction)py_descriptor_sacl_del, METH_VARARGS,
NULL },
{ "from_sddl", (PyCFunction)py_descriptor_from_sddl, METH_VARARGS|METH_CLASS,
{ "dacl_del_ace", (PyCFunction)py_descriptor_dacl_del_ace, METH_VARARGS,
NULL },
{ "sacl_del_ace", (PyCFunction)py_descriptor_sacl_del_ace, METH_VARARGS,
NULL },
{ "from_sddl", (PyCFunction)py_descriptor_from_sddl, METH_VARARGS|METH_CLASS,
NULL },
{ "as_sddl", (PyCFunction)py_descriptor_as_sddl, METH_VARARGS,
NULL },