1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

8559 Commits

Author SHA1 Message Date
Joseph Sutton
939ceb233e util/charset: Add talloc_utf16_str[n]dup()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-16 05:18:36 +00:00
Joseph Sutton
b6ff89f6fb util/charset: Include missing headers
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-16 05:18:36 +00:00
Joseph Sutton
3f0809f1ee util/charset: Remove unnecessary cast
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-16 05:18:36 +00:00
Joseph Sutton
ec3e420840 util/charset: Prefer PULL_LE_U16() to older SVAL() macro
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-15 22:07:36 +00:00
Joseph Sutton
99e0a0f21a util/charset/tests: Add tests for UTF‐16 string length functions
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-15 22:07:36 +00:00
Joseph Sutton
a46746381b util/charset: Add utf16_len_n()
This function returns the length in bytes — at most ‘n’ — of a UTF‐16
string excluding the null terminator.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-15 22:07:36 +00:00
Joseph Sutton
74a5a3b74e util/charset: Include final UTF‐16 code unit in length calculation loop
Change ‘<’ to ‘<=’ so that we check the final UTF‐16 code unit in our
search for the null terminator. This makes no difference to the result:
if we’ve reached the final code unit without finding a terminator, the
final code unit will be included in the length whether it is a null
terminator or not.

Why make this change? We’re about to factor out this loop into a new
function, utf16_len_n(), where including the final code unit *will*
matter.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-15 22:07:36 +00:00
Joseph Sutton
516f35b5a1 util/charset: Add utf16_len()
This function returns the length in bytes of a UTF‐16 string excluding
the null terminator.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-15 22:07:36 +00:00
Joseph Sutton
16996d145b util/charset: Rename utf16_len() to utf16_null_terminated_len()
The new name indicates that — contrary to functions such as strnlen() —
the length may include the terminator.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-15 22:07:36 +00:00
Joseph Sutton
542e5a3039 util/charset: Rename utf16_len_n() to utf16_null_terminated_len_n()
The new name indicates that — contrary to functions such as strnlen() —
the length may include the terminator.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-15 22:07:36 +00:00
Joseph Sutton
982238e914 util/charset: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-15 22:07:36 +00:00
Joseph Sutton
935f4edd81 libcli/security: Optionally disallow device‐specific attributes and operators where they are not applicable
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-09 08:00:30 +00:00
Douglas Bagnall
cbf8349ec5 lib/ldb: pyldb search iterator avoids exception leak
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:46 +00:00
Douglas Bagnall
1d8024e733 lib/ldb: py LDBError avoids leak and checks for alloc failure
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:46 +00:00
Joseph Sutton
a396b705c8 librpc:ndr: Introduce ‘ndr_flags_type’ type
Instead of ‘int’ or ‘uint32_t’, neither of which convey much meaning,
consistently use a newly added type to hold NDR_ flags.

Update the NDR 4.0.0 ABI.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
c4f281e9ae librpc:ndr: Introduce ‘libndr_flags’ type
The LIBNDR_FLAG_ namespace is getting dangerously full, with only a
single flag value (1 << 9) remaining for use. After that flag is put
into use, we won’t be able to add any new flags without increasing the
flag width to 64‐bit.

Up to now we’ve used a haphazard mix of int, unsigned, and uint32_t to
store these flags. Introduce a new type, ‘libndr_flags’, to be used
consistently to hold LIBNDR flags. If in the future we find we need to
move to 64‐bit flags, this type gives us an opportunity to do that.

Bump the NDR version to 4.0.0 — an major version increment, for we’re
changing the function ABI and adding the new symbol
ndr_print_libndr_flags.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Andreas Schneider
cdcaac148f lib:util: Add a gfree_memcache()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-27 05:54:33 +00:00
Andreas Schneider
842d2eca91 lib:util: Add boolean return type for memcache_add_talloc()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-27 05:54:33 +00:00
Andreas Schneider
200a5b7617 lib:util: Add boolean return type for memcache_add()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-27 05:54:33 +00:00
Joseph Sutton
ddef0e5e1f s4:kdc: Consider a single‐component krbtgt principal to be the TGS
This matches the behaviour of Windows.

NOTE: This commit finally works again!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15482

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-26 01:24:32 +00:00
Joseph Sutton
9a0c5ee4ae s4:kdc: Have smb_krb5_principal_get_comp_string() properly indicate an error
The existing implementation did not differentiate between the case where
the relevant component was not present, and that where talloc_strndup()
failed. To correct this situation, put the result into an out parameter
on success and return an error on failure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15482

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-26 01:24:32 +00:00
Joseph Sutton
800f3203b1 lib/krb5_wrap: Check return value of krb5_principal_get_comp_string()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15482

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-26 01:24:32 +00:00
Douglas Bagnall
3960eabca7 libutil/iconv: avoid overflow in surrogate pairs
Consider the non-conforment utf-8 sequence "\xf5\x80\x80\x80", which
would encode 0x140000. We would set the high byte of the first
surrogate to 0xd8 | (0x130000 >> 18), or 0xdc, which is an invalid
start for a high surrogate, making the sequence as a whole invalid (as
you would expect -- the Unicode range was set precisely to that
covered by utf-16 surrogates).

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-26 01:24:32 +00:00
Douglas Bagnall
949fe57077 libutil/iconv: don't allow wtf-8 surrogate pairs
At present, if we meet a string like "hello \xed\xa7\x96 world", the
bytes in the middle will be converted into half of a surrogate pair,
and the UTF-16 will be invalid. It is better to error out immediately,
because the UTF-8 string is already invalid.

https://learn.microsoft.com/en-us/windows/win32/api/Stringapiset/nf-stringapiset-widechartomultibyte#remarks
is a citation for the statement about this being a pre-Vista
problem.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-26 01:24:32 +00:00
Douglas Bagnall
d7481f94e0 util/charset/torture: test convert_string_talloc with emptyish strings
because it wasn't entirely obvious (a zero length string returns a
length 1 result).

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-26 01:24:32 +00:00
Douglas Bagnall
b5a728e81e util/convert string: remove inaccurate misspelt comment
Previous commit to the "embarrassing" line was ce10a7a673 "Fix
typo in comment", which did not completely fix the typo in the
comment.

But there are no gotos anymore, so no embarrassment, however spelt.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-26 01:24:32 +00:00
Douglas Bagnall
df8ab7edfa util/charset: disambiguate docs for convert_string twins
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-26 01:24:32 +00:00
Douglas Bagnall
7cf4efe768 lib/util/charset: @param typos
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-26 01:24:32 +00:00
Joseph Sutton
53caed5ea3 lib/util: Fix comment
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-25 22:23:37 +00:00
Joseph Sutton
1503589524 tevent: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-25 22:23:37 +00:00
Joseph Sutton
82ec1965c8 talloc: Fix documentation
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-25 22:23:37 +00:00
Joseph Sutton
97566f1b83 lib/fuzzing: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-25 22:23:37 +00:00
Joseph Sutton
ee8820b6dc ldb: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-25 22:23:37 +00:00
Andreas Schneider
d7a6488da8 lib:param: Set a memory context for the globals if not initialized yet
Typically once the smb.conf starts to be loaded,
loadparm_s3_init_globals() will be called and a memory context for
strings on the static Globals will be created.  But we might call
lpcfg_set_cmdline() before we load the smb.conf file, so we (via a
helper pointer) call loadparm_s3_init_globals() to get that
initialisation done earlier, ensuring that all allocations on Globals is
done on a memory context that we can later TALLOC_FREE() before exit().

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-25 22:23:37 +00:00
Joseph Sutton
46f0c26965 lib/torture: Add torture_assert_size_*() macros
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15498

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-10-24 14:48:36 +00:00
Joseph Sutton
e933fd2dad lib/torture: Use portable format specifiers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15498

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-10-24 14:48:36 +00:00
Stefan Metzmacher
71e8727bdc lib/tsocket: add tstream_bsd_fail_readv_first_error()
This gives the caller the option to fail immediately if
TEVENT_FD_ERROR appear even with pending bytes in the
recv queue.

Servers typically want to activate this in order to avoid
pointless work, while clients typically want to read
pending responses from the recv queue.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-24 09:36:37 +00:00
Stefan Metzmacher
5bedf1675e lib/tsocket: make use of TEVENT_FD_ERROR in tstream_bsd_fde_handler()
This makes the logic introduced to fix bug #15202 simpler.

While developing this I noticed that a lot of callers
rely on the fact that they can read the pending bytes out
of the recv queue before EOF is reported.

So I changed the code handle TEVENT_FD_ERROR together with
TEVENT_FD_READ in a way that keep the existing callers happy.

In the next step we'll add a way to let callers opt-in in order
to fail immediately if TEVENT_FD_ERROR appears (even if there
are pending bytes remaining in the recv queue).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15202

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-24 09:36:37 +00:00
Stefan Metzmacher
22e3a542f3 lib/tsocket: let tstream_bsd_connect_send() use TEVENT_FD_ERROR instead of TEVENT_FD_READ
This mostly cosmetic, but now that we have TEVENT_FD_ERROR we should use it.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-24 09:36:37 +00:00
Stefan Metzmacher
82aafa4ac8 lib/async_req: let writev_send/recv use TEVENT_FD_ERROR
Unless err_on_readability is true, we use TEVENT_FD_READ only
to detect errors. Now that we have TEVENT_FD_ERROR we should use it.

As a side effect it makes the code much simpler and clearer, as
we can directly map TEVENT_FD_ERROR to EPIPE.

In addition the err_on_readability=true case is now also
clearer, where we just map TEVENT_FD_READ to EPIPE.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-24 09:36:37 +00:00
Stefan Metzmacher
21a18a5b52 lib/async_req: let async_connect_send use TEVENT_FD_ERROR instead of TEVENT_FD_READ
This mostly cosmetic, but now that we have TEVENT_FD_ERROR we should use it.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-24 09:36:37 +00:00
Stefan Metzmacher
66b2563722 lib/tsocket: make use of samba_socket_sock_error()
This is nicer than calling getsockopt(state->fd, SOL_SOCKET, SO_ERROR)
directly.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-24 09:36:37 +00:00
Stefan Metzmacher
cd964e521b lib/tsocket: make use of samba_socket_poll_or_sock_error()
This is just a copy of the existing code...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-24 09:36:37 +00:00
Stefan Metzmacher
f8213ec871 lib/util: add samba_socket_{poll,sock,poll_or_sock}_error()
These are copies of the static functions in lib/tsocket/tsocket_bsd.c,
which we will replace in the next commit.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-24 09:36:37 +00:00
Stefan Metzmacher
acd9248b13 tevent: version 0.16.0
- the epoll backend is no longer limited to 2 event handlers
  per low level fd.
- finally add support for TEVENT_FD_ERROR

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct 13 10:45:51 UTC 2023 on atb-devel-224
2023-10-13 10:45:51 +00:00
Stefan Metzmacher
407cda2f3b tevent: add support for TEVENT_FD_ERROR
After 12 years we finally got TEVENT_FD_ERROR support :-)

TEVENT_FD_WRITE event handlers never get errors reported
instead the event handler is silently disabled.
There are likely callers relying on that behavior, so
we are not able to chance it.

Now TEVENT_FD_WRITE can be used together with TEVENT_FD_ERROR
in order to get errors reported without waiting for TEVENT_FD_READ.

TEVENT_FD_ERROR can also be used alone in order to detect errors
on sockets in order to cleanup resources.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-10-13 09:49:33 +00:00
Stefan Metzmacher
55f25eb34b tevent: add test_event_fd3
The tests the interaction of multiple event handlers on
the same low level fd.

It shows that poll and epoll backends behave in the
same fair way.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-10-13 09:49:33 +00:00
Stefan Metzmacher
a76056fafb tevent: add test_fd_speed3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-10-13 09:49:33 +00:00
Stefan Metzmacher
28bf51fc65 tevent: let tevent_epoll.c use new generic mpx infrastructure
This allows any number of event handlers per low level fd.

It means the epoll backend behaves like the poll backend now.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-10-13 09:49:33 +00:00
Stefan Metzmacher
b328e99065 tevent: add tevent_common_fd_mpx infrastructure
Backends may require to map individual tevent_fd instances to
a single low level kernel state (e.g. for epoll).

This generic infrastructure adds helper functions using
a generic (sub)part of struct tevent_fd.

The new code will allow us to support more than 2 tevent_fd
instances per fd, which makes sure all backends can provide
a similar behavior. This will be important when we add
TEVENT_FD_ERROR as a 3rd kind of fd event.

The aim is to use this in order to replace the limited implementation
we already have in tevent_epoll.c.

As these helpers are typically called from within
'void tevent_fd_set_flags(struct tevent_fd *fde, uint16_t flags)'
there's no way to report errors. So in order avoid additional
error handling complexity the helpers try to avoid
any allocations which may fail. It also means the logic in
tevent_epoll.c doesn't have to change much.

These are implemented as static line functions in order to avoid
the function call overhead, which showed up in profiles of the
early implementation.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-10-13 09:49:33 +00:00
Stefan Metzmacher
95d6600a06 tevent: split out a tevent_common_fd_disarm() helper
It means tevent_trace_fd_callback(TEVENT_EVENT_TRACE_DETACH)
is always called and similar future changes are only
needed in one place.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-10-13 09:49:33 +00:00
Stefan Metzmacher
7672a29feb ldb: sync DLIST_DEMOTE_SHORT() changes to include/dlinklist.h
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-10-13 09:49:33 +00:00
Stefan Metzmacher
4fe39d9e7c lib/util: sync DLIST_DEMOTE_SHORT() changes to dlinklist.h
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-10-13 09:49:33 +00:00
Stefan Metzmacher
30d22631a6 tevent: introduce DLIST_DEMOTE_SHORT()
It turns out that the overhead of DLIST_DEMOTE() implemented
as DLIST_REMOVE();DLIST_ADD_END(), is very high if the list
contains only 1 or 2 elements.

The next commits will make use of DLIST_DEMOTE_SHORT() for
multiplexing multiple tevent_fd structures for a single fd
and the most important and common case is a list with just
one element.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-10-13 09:49:33 +00:00
Joseph Sutton
86f8cde6b3 lib:util: Remove always‐false comparison (CID 242193)
‘id’ is an unsigned variable, and so it can never be less than zero.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-13 02:18:31 +00:00
Joseph Sutton
700754b096 util: Remove redundant assertion (CID 1497841)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-13 02:18:31 +00:00
Joseph Sutton
757cd49b84 tdb: Do not pass non–null‐terminated strings to strcmp() (CID 1449485)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-13 02:18:30 +00:00
Joseph Sutton
8f4aa3508c lib:replace: Properly check result of write() and read() (CID 1034925)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-13 02:18:30 +00:00
Joseph Sutton
fe86989fcc lib:printer_driver: Check return value of gp_inifile_enum_section() (CID 1444835)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-13 02:18:30 +00:00
Joseph Sutton
03ca8c25d0 lib:compression: Correctly fix sign extension of long matches (CID 1517275)
Commit 6b4d94c987 was a previous attempt
to fix this issue.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-13 02:18:30 +00:00
Andrew Bartlett
3cf1beed5d CVE-2023-42669 s4-rpc_server: Disable rpcecho server by default
The rpcecho server is useful in development and testing, but should never
have been allowed into production, as it includes the facility to
do a blocking sleep() in the single-threaded rpc worker.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15474

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2023-10-10 14:49:39 +00:00
Joseph Sutton
da202eb209 lib:krb5_wrap: Include missing headers
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-01 22:45:38 +00:00
Joseph Sutton
1f92b5f150 lib/util: Fix building with FORTIFY_SOURCE=2
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-01 22:45:38 +00:00
Joseph Sutton
a77b90d808 ldb: Fix building with FORTIFY_SOURCE=2
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-01 22:45:38 +00:00
Joseph Sutton
50c208fc53 lib/ldb-samba: Fix building with FORTIFY_SOURCE=2
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-01 22:45:38 +00:00
Joseph Sutton
e961783add lib:compression: Fix building with FORTIFY_SOURCE=2
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-01 22:45:38 +00:00
Joseph Sutton
2f6083f59f lib:audit_logging: Initialize ‘tm’ structure
‘tm’ must be initialized prior to calling strptime().

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-27 02:43:28 +00:00
Joseph Sutton
58bd2f525b lib/krb5_wrap: Simplify assignments
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-27 02:43:28 +00:00
Joseph Sutton
0bd7863ec0 lib/krb5_wrap: Make use of smb_krb5_make_data()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-27 02:43:28 +00:00
Douglas Bagnall
3be69fc3dc fuzzing: fuzz_sddl_parse forgives bad utf-8
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:36 +00:00
Douglas Bagnall
e4da279b1c util/str: helper to check for utf-8 validity
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:36 +00:00
Douglas Bagnall
b3f92b475c lib/fuzzing: fuzz_sddl_parse: allow non-round-trip with long strings
There is a borderline case where a conditional ACE unicode string
becomes longer than the SDDL parser wants to handle when control
characters are given canonical escaping. This can make the round trip
fail, but it isn't really a problem.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:36 +00:00
Andrew Bartlett
793b86f4cb conditional_aces: Avoid manual parsing for ace_condition_bytes, use DATA_BLOB
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-09-26 23:45:36 +00:00
Andrew Bartlett
1223b89d81 docs-xml: Add new parameter "acl claims evaluation"
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-09-26 23:45:35 +00:00
Douglas Bagnall
cc17c3e21d lib/fuzzing: adjust access-check seed patch
Now that access_check.c includes headers for conditional ACEs, the patch
should take that into account.

Also, we check for a talloc failure.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:35 +00:00
Douglas Bagnall
ea4caa45ab lib/fuzzing: fuzz_conditional_ace_blob
This parses the blob as a conditional ACE, and if possible tries
decompiling it into SDDL.

There are not many round-trip assertions we can honestly make, but we
keep the trip going as long as possible, in case it reveals anything.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:35 +00:00
Douglas Bagnall
c6a62d69ca lib/fuzzing: adapt fuzz_sddl_access_check for claims
The token has more stuff in it.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:35 +00:00
Douglas Bagnall
295c609f5a lib/fuzzing: fuzz SDDL conditional ACEs
Here we're not compiling the whole SD, just the single conditional
ACE.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:35 +00:00
Volker Lendecke
3b8cfda1c9 lib: Avoid a tdb handle leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-09-25 19:01:34 +00:00
Volker Lendecke
46f710c95f lib: Modernize tdb_fetch_lifetime()
Just came across this, avoid mallocs.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-09-25 19:01:34 +00:00
Joseph Sutton
477dc8f246 ldb: Prefer explicit initialization to ZERO_STRUCT()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-14 21:35:29 +00:00
Joseph Sutton
187d74d9c0 lib:krb5_wrap: Remove Heimdal‐only krb5_princ_component() implementation
This implementation is no longer called: using a variable of static
storage duration as a conduit for return values is only asking for
trouble.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-14 21:35:29 +00:00
Joseph Sutton
229d26e25e lib:krb5_wrap: Add Heimdal‐specific smb_krb5_princ_component() implementation
This implementation doesn’t rely on a variable of static storage
duration being used as a conduit for the return value.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-14 21:35:29 +00:00
Joseph Sutton
eec9e54592 lib:krb5_wrap: Add smb_krb5_princ_component()
For now this function is a mere wrapper round krb5_princ_component(),
but one whose interface allows for a more sensible implementation.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-14 21:35:29 +00:00
Joseph Sutton
d901fe9c67 lib:krb5_wrap: Have smb_krb5_principal_get_realm() check the return values of intermediate functions
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-14 21:35:29 +00:00
Joseph Sutton
b8ca4dead2 lib:krb5_wrap: Eliminate redundant code from smb_krb5_sockaddr_to_kaddr()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-14 21:35:29 +00:00
Joseph Sutton
0bcf44c8b7 lib:tdr: Remove unnecessary cast
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-14 21:35:28 +00:00
Joseph Sutton
74e1bb0571 lib:mscat: Remove unnecessary casts
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-14 21:35:28 +00:00
Joseph Sutton
dd2b568721 lib:charset: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Joseph Sutton
6a303be56c tevent: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Joseph Sutton
53caec3c36 tdb: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Joseph Sutton
9d699895ad lib:printer_driver: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Joseph Sutton
5fbbf9b9ba ldb: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Joseph Sutton
7d9edb82c4 lib:krb5_wrap: Fix spelling in documentation
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Joseph Sutton
74580daac9 lib:crypto: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Joseph Sutton
1c35195ff7 lib:compression: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Stefan Metzmacher
a9c53b9eff lib/util: inline iov_{buflen,buf,advance}()
The main reason for this change was the use of
iov_advance() in the next commits in
source3/smbd/smb2_server.c

And the function calls to iov_advance() showed up
in profiling with callgrind.

While there iov_buf() and iov_buflen() are moved as
well, as they are also used there.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-09-06 19:30:35 +00:00
Joseph Sutton
5de640fc58 ldb: Heed return code from Python testsuite
When we added a second run of the Python testsuite, the return code from
the first run began to go ignored.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-30 02:15:29 +00:00
Joseph Sutton
b440732e7f ldb: Remove unused import
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-30 02:15:29 +00:00
Joseph Sutton
e4ab1de4e4 lib:ldb:tests: Remove explicit comparison with False
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-30 02:15:29 +00:00
Joseph Sutton
6668d213e7 pyldb: Fix leaks
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-30 02:15:28 +00:00
Joseph Sutton
5e9187baf9 pyldb: Check return values of Python functions
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-30 02:15:28 +00:00
Joseph Sutton
e5794b8c8a pyldb: Check return values of talloc functions
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-30 02:15:28 +00:00
Joseph Sutton
93d37f8bfc pyldb: Check whether Python object is a list
If we’re going to call PyList_Size() on an object, we should be sure
that it is a list first.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-30 02:15:28 +00:00
Martin Schwenke
c767277912 util: Avoid logging to multiple backends for stdout/stderr
Commit 83fe7a0316 converted the
stdout/stderr logging  types to DEBUG_FILE to get a header when using
DEBUG_SYSLOG_FORMAT_ALWAYS.  However, this causes all configured
backends to be invoked.  When syslog is one of those backends then
this is almost certainly not what is intended.

Instead, call debug_file_log() directly in that special case and
revert the parts of the above commit that convert to file logging.

Most of the changes to debughdrclass() still seem necessary, since
they handle the change of debug_syslog_format from a bool to an enum.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15460

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Aug 28 01:21:07 UTC 2023 on atb-devel-224
2023-08-28 01:21:07 +00:00
Douglas Bagnall
4504324ea4 lib/util: strhex_to_data_blob checks talloc
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-24 02:53:30 +00:00
Joseph Sutton
d608dc175e lib:krb5_wrap: Fix references to incorrect function names
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-21 23:37:29 +00:00
Joseph Sutton
02b546778f lib:krb5_wrap: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-21 23:37:29 +00:00
Volker Lendecke
42e4691cf5 audit_logging: Simplify json_add_stringn() with json_stringn()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug 14 20:51:11 UTC 2023 on atb-devel-224
2023-08-14 20:51:11 +00:00
Volker Lendecke
a9f358f7d7 tevent: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-08-14 19:53:37 +00:00
Volker Lendecke
0382e07222 dbwrap: Simplify dbwrap_change_int32_atomic_action()
Use dbwrap_do_locked()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-08-14 19:53:37 +00:00
Volker Lendecke
ad0986652d dbwrap: Simplify dbwrap_change_uint32_atomic_action()
Use dbwrap_do_locked()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-08-14 19:53:37 +00:00
Joseph Sutton
d35e7f10af tsocket: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Joseph Sutton
a643ac45c1 lib/replace: Ensure that __STDC_WANT_LIB_EXT1__ is set to 1
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Joseph Sutton
5b3a8aa544 lib:krb5_wrap: Remove unnecessary cast
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Joseph Sutton
578c1d39f5 ldb:ldb_sqlite3: Access correct member of union
Accessing the wrong member of a union invokes undefined behaviour.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Joseph Sutton
993ff0353b ldb: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Douglas Bagnall
269738d6ce lib/replace: fix strlcat/strlcpy compile for Honggfuzz
Otherwise we getthis kind of thing:

../../lib/replace/replace.c:837:3: error: implicit declaration of function 'strlcpy' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
                strlcpy(buf, s, buflen);

../../third_party/heimdal/lib/roken/getarg.c:288:6: error: implicit declaration of function 'strlcat' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
            strlcat(buf, "]", sizeof(buf));

because we found the symbol names in libc, but didn't check that the
functions are declared in <string.h>. We already include
<bsd/string.h> whenever we have it.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug  8 05:35:08 UTC 2023 on atb-devel-224
2023-08-08 05:35:08 +00:00
Douglas Bagnall
17e35c2691 fuzz: add fuzzer for ldb_comparison_fold
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:39 +00:00
Douglas Bagnall
019bee54c6 fuzz: add fuzzer for sess_crypt_blob
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:39 +00:00
Douglas Bagnall
5c007600dc util/base64: add a note about zero length strings
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:38 +00:00
Douglas Bagnall
c3ded9d934 lib/fuzzing:fuzz_sddl_access_check fix nul-term check
We were wanting to ensure the string contains a zero byte, but
instead were checking for a non-zero byte.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:38 +00:00
Douglas Bagnall
5c81f34935 lib/fuzzing: LLVMFuzzerTestOneInput() takes const uint8_t*
We have been using `uint8_t *`, which works fine as far as
linking goes, but leads fuzz target developers to sometimes
forget why they can't just modify the passed in string instead of
copying it for modification (e.g. to NUL-terminate).

REF: https://llvm.org/docs/LibFuzzer.html#fuzz-target

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:38 +00:00
Joseph Sutton
8ff5c51419 lib/util: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
6ee008d2d9 lib:socket: Add missing newlines to logging messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
ea888d6901 lib:mscat: Add missing newlines to logging messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
f14d5a0187 talloc: Fix typo
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
355fd3c7bf lib:charset: Update NUM_CHARSETS to reflect true value
CH_DISPLAY was removed in commit
125a2ff262, but NUM_CHARSETS was not
updated to match.

By assigning to NUM_CHARSETS the last enumeration value in charset_t, we
guard against its falling out of sync again.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
150d457b55 ldb: Work around inconsistent behaviour in PyObject_AsMessageElement()
PyObject_AsMessageElement() has ‘flags’ and ‘attr_name’ parameters to
set properties of the returned MessageElement, but they apply only
*sometimes*.

‘attr_name’ not being set can result in cryptic and misleading error
messages from various ldb operations.

Changing the function’s behaviour to be more consistent could break
existing code, so we work around the issue instead.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
d278f97d5e ldb: Clarify documentation for PyObject_AsMessageElement()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
77015f3ca0 ldb: Don’t leak ‘el’
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
229d270deb ldb: Check talloc_zero_array() return value
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
dc89fabbb5 ldb: Don’t leak ‘msg’
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
5820558592 ldb: Check talloc_strdup() return value
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
41e0951d91 ldb: Don’t decrement reference count until object is no longer needed
If ‘tmp’ happens to be garbage-collected, ‘name’ will become invalid.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
1cb91c6a78 ldb: Fix leaks
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
d5c309a547 ldb: Account for ‘name’ possibly being NULL
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
6ce9c6a306 ldb: Don’t pass NULL pointer into strcasecmp()
Doing so is undefined behaviour.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
f47aef7743 python: Use correct function signatures
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
8090e59541 lib/ldb-samba: Add missing newline to logging message
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
5c67b45221 lib/util: Add missing newlines to logging messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
aa9ca51946 lib/replace: Const-qualify sys_errlist
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
8ed6955365 lib:dbwrap: Remove unneeded space in debug message
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Andreas Schneider
edcebcd48a lib:tevent: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-08-03 14:31:34 +00:00
Andreas Schneider
d0b2c27d2f lib:fuzzing: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-08-03 14:31:34 +00:00
Andrew Bartlett
5cc861603a lib/util: Move DEBUG() calls in gendb_search_v to common levels and new DBG_*() pattern
This moves success logs 6 -> 10, failure logs 4 -> 5.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2023-07-31 10:56:54 +00:00
Pavel Filipenský
c58a714232 lib:krb5_wrap: Fix resource leak in smb_krb5_kt_seek_and_delete_old_entries
Reported by Red Hat internal covscan
leaked_storage: Variable "cursor" going out of scope leaks the storage it points to.

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-31 10:56:54 +00:00
Jule Anger
7319c7596e ldb: change the version to 2.9.0 for Samba 4.20
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jul 28 11:49:02 UTC 2023 on atb-devel-224
2023-07-28 11:49:02 +00:00
Jule Anger
94f11c3c21 ldb: release 2.8.0 for use in Samba 4.19.x
* CVE-2023-0614 Not-secret but access controlled LDAP attributes can be discovered (bug 15270)
* pyldb: Raise an exception if ldb_dn_get_parent() fails
* Implement ldap_whoami in pyldb and add the RFC4532 LDB_EXTENDED_WHOAMI_OID definition
* Documentation and spelling fixes
* Add ldb_val -> bool,uint64,int64 parsing functions
* Split out ldb_val_as_dn() helper function
* add LDB_CHANGETYPE_MODRDN support to ldb_ldif_to_pyobject()
* add LDB_CHANGETYPE_DELETE support to ldb_ldif_to_pyobject()
* let ldb_ldif_parse_modrdn() handle names without 'rdn_name=' prefix
* Don't create error string if there is no error
* Avoid allocation and memcpy() for every wildcard match candidate
* Make ldb_msg_remove_attr O(n)
* pyldb: Throw error on invalid controls
* pyldb: remove py2 ifdefs
* Call tevent_set_max_debug_level(TEVENT_DEBUG_TRACE)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2023-07-28 10:48:33 +00:00
Andrew Bartlett
e36a4149d8 librpc/idl: Remove DCOM and WMI IDL
As hinted in f2416493c0 the DCOM and WMI
IDL is now unused.  These generate code with PIDL, costing a small
amount of build time but more importantly are fuzzed, which costs an
ongoing amount of CPU time as oss-fuzz tries to find parsing issues.

We do not need to continue this waste, and these can be restored
if this effort is ever to start again.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-28 10:48:32 +00:00