1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

8352 Commits

Author SHA1 Message Date
Joseph Sutton
02b546778f lib:krb5_wrap: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-21 23:37:29 +00:00
Volker Lendecke
42e4691cf5 audit_logging: Simplify json_add_stringn() with json_stringn()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug 14 20:51:11 UTC 2023 on atb-devel-224
2023-08-14 20:51:11 +00:00
Volker Lendecke
a9f358f7d7 tevent: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-08-14 19:53:37 +00:00
Volker Lendecke
0382e07222 dbwrap: Simplify dbwrap_change_int32_atomic_action()
Use dbwrap_do_locked()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-08-14 19:53:37 +00:00
Volker Lendecke
ad0986652d dbwrap: Simplify dbwrap_change_uint32_atomic_action()
Use dbwrap_do_locked()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-08-14 19:53:37 +00:00
Joseph Sutton
d35e7f10af tsocket: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Joseph Sutton
a643ac45c1 lib/replace: Ensure that __STDC_WANT_LIB_EXT1__ is set to 1
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Joseph Sutton
5b3a8aa544 lib:krb5_wrap: Remove unnecessary cast
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Joseph Sutton
578c1d39f5 ldb:ldb_sqlite3: Access correct member of union
Accessing the wrong member of a union invokes undefined behaviour.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Joseph Sutton
993ff0353b ldb: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Douglas Bagnall
269738d6ce lib/replace: fix strlcat/strlcpy compile for Honggfuzz
Otherwise we getthis kind of thing:

../../lib/replace/replace.c:837:3: error: implicit declaration of function 'strlcpy' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
                strlcpy(buf, s, buflen);

../../third_party/heimdal/lib/roken/getarg.c:288:6: error: implicit declaration of function 'strlcat' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
            strlcat(buf, "]", sizeof(buf));

because we found the symbol names in libc, but didn't check that the
functions are declared in <string.h>. We already include
<bsd/string.h> whenever we have it.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug  8 05:35:08 UTC 2023 on atb-devel-224
2023-08-08 05:35:08 +00:00
Douglas Bagnall
17e35c2691 fuzz: add fuzzer for ldb_comparison_fold
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:39 +00:00
Douglas Bagnall
019bee54c6 fuzz: add fuzzer for sess_crypt_blob
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:39 +00:00
Douglas Bagnall
5c007600dc util/base64: add a note about zero length strings
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:38 +00:00
Douglas Bagnall
c3ded9d934 lib/fuzzing:fuzz_sddl_access_check fix nul-term check
We were wanting to ensure the string contains a zero byte, but
instead were checking for a non-zero byte.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:38 +00:00
Douglas Bagnall
5c81f34935 lib/fuzzing: LLVMFuzzerTestOneInput() takes const uint8_t*
We have been using `uint8_t *`, which works fine as far as
linking goes, but leads fuzz target developers to sometimes
forget why they can't just modify the passed in string instead of
copying it for modification (e.g. to NUL-terminate).

REF: https://llvm.org/docs/LibFuzzer.html#fuzz-target

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:38 +00:00
Joseph Sutton
8ff5c51419 lib/util: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
6ee008d2d9 lib:socket: Add missing newlines to logging messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
ea888d6901 lib:mscat: Add missing newlines to logging messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
f14d5a0187 talloc: Fix typo
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
355fd3c7bf lib:charset: Update NUM_CHARSETS to reflect true value
CH_DISPLAY was removed in commit
125a2ff262, but NUM_CHARSETS was not
updated to match.

By assigning to NUM_CHARSETS the last enumeration value in charset_t, we
guard against its falling out of sync again.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
150d457b55 ldb: Work around inconsistent behaviour in PyObject_AsMessageElement()
PyObject_AsMessageElement() has ‘flags’ and ‘attr_name’ parameters to
set properties of the returned MessageElement, but they apply only
*sometimes*.

‘attr_name’ not being set can result in cryptic and misleading error
messages from various ldb operations.

Changing the function’s behaviour to be more consistent could break
existing code, so we work around the issue instead.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
d278f97d5e ldb: Clarify documentation for PyObject_AsMessageElement()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
77015f3ca0 ldb: Don’t leak ‘el’
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
229d270deb ldb: Check talloc_zero_array() return value
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
dc89fabbb5 ldb: Don’t leak ‘msg’
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
5820558592 ldb: Check talloc_strdup() return value
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
41e0951d91 ldb: Don’t decrement reference count until object is no longer needed
If ‘tmp’ happens to be garbage-collected, ‘name’ will become invalid.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
1cb91c6a78 ldb: Fix leaks
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
d5c309a547 ldb: Account for ‘name’ possibly being NULL
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
6ce9c6a306 ldb: Don’t pass NULL pointer into strcasecmp()
Doing so is undefined behaviour.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
f47aef7743 python: Use correct function signatures
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
8090e59541 lib/ldb-samba: Add missing newline to logging message
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
5c67b45221 lib/util: Add missing newlines to logging messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
aa9ca51946 lib/replace: Const-qualify sys_errlist
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
8ed6955365 lib:dbwrap: Remove unneeded space in debug message
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Andreas Schneider
edcebcd48a lib:tevent: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-08-03 14:31:34 +00:00
Andreas Schneider
d0b2c27d2f lib:fuzzing: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-08-03 14:31:34 +00:00
Andrew Bartlett
5cc861603a lib/util: Move DEBUG() calls in gendb_search_v to common levels and new DBG_*() pattern
This moves success logs 6 -> 10, failure logs 4 -> 5.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2023-07-31 10:56:54 +00:00
Pavel Filipenský
c58a714232 lib:krb5_wrap: Fix resource leak in smb_krb5_kt_seek_and_delete_old_entries
Reported by Red Hat internal covscan
leaked_storage: Variable "cursor" going out of scope leaks the storage it points to.

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-31 10:56:54 +00:00
Jule Anger
7319c7596e ldb: change the version to 2.9.0 for Samba 4.20
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jul 28 11:49:02 UTC 2023 on atb-devel-224
2023-07-28 11:49:02 +00:00
Jule Anger
94f11c3c21 ldb: release 2.8.0 for use in Samba 4.19.x
* CVE-2023-0614 Not-secret but access controlled LDAP attributes can be discovered (bug 15270)
* pyldb: Raise an exception if ldb_dn_get_parent() fails
* Implement ldap_whoami in pyldb and add the RFC4532 LDB_EXTENDED_WHOAMI_OID definition
* Documentation and spelling fixes
* Add ldb_val -> bool,uint64,int64 parsing functions
* Split out ldb_val_as_dn() helper function
* add LDB_CHANGETYPE_MODRDN support to ldb_ldif_to_pyobject()
* add LDB_CHANGETYPE_DELETE support to ldb_ldif_to_pyobject()
* let ldb_ldif_parse_modrdn() handle names without 'rdn_name=' prefix
* Don't create error string if there is no error
* Avoid allocation and memcpy() for every wildcard match candidate
* Make ldb_msg_remove_attr O(n)
* pyldb: Throw error on invalid controls
* pyldb: remove py2 ifdefs
* Call tevent_set_max_debug_level(TEVENT_DEBUG_TRACE)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2023-07-28 10:48:33 +00:00
Andrew Bartlett
e36a4149d8 librpc/idl: Remove DCOM and WMI IDL
As hinted in f2416493c0 the DCOM and WMI
IDL is now unused.  These generate code with PIDL, costing a small
amount of build time but more importantly are fuzzed, which costs an
ongoing amount of CPU time as oss-fuzz tries to find parsing issues.

We do not need to continue this waste, and these can be restored
if this effort is ever to start again.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-28 10:48:32 +00:00
Pavel Filipenský
c5778a0fbd krb5_wrap: add krb5_free_string()
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-28 10:48:32 +00:00
Pavel Filipenský
75139445c2 krb5_wrap: add krb5_free_enctypes()
MIT Kerberos implements krb5_free_enctypes(), Heimdal is missing it and
offers krb5_xfree() instead.
This introduces a wrapper krb5_free_enctypes() around krb5_xfree() for
Heimdal.

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-28 10:48:32 +00:00
Andrew Bartlett
76ad44f446 lib/cmdline: Also redact --newpassword in samba_cmdline_burn()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 21 06:16:30 UTC 2023 on atb-devel-224
2023-07-21 06:16:30 +00:00
Andrew Bartlett
414b3803bb lib/cmdline: Also burn the --password2 parameter if given
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-21 05:23:32 +00:00
Andrew Bartlett
848fea1a01 lib/cmdline: Return if the commandline was redacted in samba_cmdline_burn()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-21 05:23:32 +00:00
Andrew Bartlett
3109899299 lib/fault: During smb_panic() print process comment and setprocname() title
The purpose of this is to make it clear which part of the AD DC (in particular)
has faulted without having to deduce it from the stacktrace.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-07-21 01:25:37 +00:00
Stefan Metzmacher
24120728bb ldb: call tevent_set_max_debug_level(TEVENT_DEBUG_TRACE) together with ldb_tevent_debug()
This means ldb_tevent_debug() is only called for TEVENT_DEBUG_TRACE.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-07-19 08:02:33 +00:00