1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

19 Commits

Author SHA1 Message Date
Douglas Bagnall
7990f5a284 util:datablob: avoid non-transitive comparison in data_blob_cmp()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit e1519c3667)
2024-06-10 13:24:16 +00:00
Andrew Bartlett
793b86f4cb conditional_aces: Avoid manual parsing for ace_condition_bytes, use DATA_BLOB
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-09-26 23:45:36 +00:00
Joseph Sutton
feb36dbebf lib/util: Change function to mem_equal_const_time()
Since memcmp_const_time() doesn't act as an exact replacement for
memcmp(), and its return value is only ever compared with zero, simplify
it and emphasize the intention of checking equality by returning a bool
instead.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-06-09 22:49:29 +00:00
Joseph Sutton
a554e2ce53 lib/util: Change function to data_blob_equal_const_time()
Since data_blob_cmp_const_time() doesn't act as an exact replacement for
data_blob_cmp(), and its return value is only ever compared with zero,
simplify it and emphasize the intention of checking equality by
returning a bool instead.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-06-09 22:49:29 +00:00
Joseph Sutton
ae6634c787 auth: Use constant-time memcmp when comparing sensitive buffers
This helps to avoid timing attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15010

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-06-09 22:49:29 +00:00
Stefan Metzmacher
8ca99c25ba lib/util: data_blob_append() should not fail if both parts have length=0
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15050

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-05-02 19:13:31 +00:00
Joseph Sutton
bba30095ca kdc: Pad UPN_DNS_INFO PAC buffer
Padding this buffer to a multiple of 8 bytes allows the PAC buffer
padding to match Windows.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-12-15 03:41:32 +00:00
Volker Lendecke
e80d390b4b lib: Use TALLOC_FREE() in data_blob_free()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-08-06 17:22:30 +00:00
Volker Lendecke
fa8c0379b5 lib: Fix a potential error path memleak
Don't directly overwrite the pointer for a realloc. On failure, the
original pointer is still valid.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-08-06 17:22:30 +00:00
Andreas Schneider
f9c1535099 lib:util: Use memset_s() in data_blob_clear()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Dec 20 16:11:03 CET 2018 on sn-devel-144
2018-12-20 16:11:02 +01:00
Volker Lendecke
d6e2db6f52 lib: Fix signed/unsigned comparisons
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-05 18:37:10 +01:00
Martin Schwenke
1f0e5cb38c lib/util: Clean up includes for data_blob.[ch]
Allows standalone compile without external includes.h.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-10-04 00:11:20 +02:00
Jeremy Allison
829c87634b Change data_blob() to be based on top of data_blob_talloc(), instead of the reverse (as it is now).
It makes no sense to talloc off the null context, then talloc steal
into the required context - just talloc off the correct context, and
change data_blob() to pass in the null context to data_blob_talloc().

Jeremy.

Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18 21:57:23 +02:00
Stefan Metzmacher
ad6ea7b189 lib/util: remove data_blob_talloc_reference()
We want to avoid the usage of talloc_reference() in Samba.

metze
2010-01-29 11:16:44 +01:00
Andrew Bartlett
fd5174e88c lib/util Split data_blob_hex_string() into upper and lower
Rather than have a repeat of the bugs we found at the plugfest where
hexidecimal strings must be in upper or lower case in particular
places, ensure that each caller chooses which case they want.

This reverts most of the callers back to upper case, as things were
before tridge's patch.  The critical call in the extended DN code is
of course handled in lower case.

Andrew Bartlett
2009-11-12 16:34:01 +11:00
Andrew Tridgell
fb84edabbe s4-util: windows only accepts lowercase hex encodings for extended DNs 2009-09-22 17:10:05 -07:00
Jelmer Vernooij
aa982895e5 Add data_blob_string_const_null() function that includes the terminating
null byte and use it in Samba 3.

This matches the behaviour prior to my data_blob changes.
2008-10-13 05:20:26 +02:00
Jelmer Vernooij
348be5f1e4 Share data_blob implementation. 2008-10-12 01:46:15 +02:00
Jelmer Vernooij
caa4e42860 Move lib/util from source4 to top-level libutil.
Conflicts:

	source4/Makefile
2008-10-11 21:05:38 +02:00