IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Aug 7 04:44:17 UTC 2020 on sn-devel-184
The correct line should have been
talloc_realloc(ndr->current_mem_ctx, a, const char *, count + 2);
because if the loop does not increment count on exit (it exits via
break), so count is left pointing at the thing that just got put in.
i.e., if there was one item it is at a[0], count is 0, but we also
need the trailing NULL byte at a[1] and the length is 2. Thus + 2, not
+ 1.
This will not affect ordinary (that is, non-malicious) traffic,
because talloc_realloc will not actually realloc unless it is saving a
kilobyte. Since the allocation grows slowly with the exponent ~1.25,
the actual reallocs will start happening at some point between 512 and
1024 items.
In the example we have, there were 666 pointers, and space for 824 was
allocated.
Rather than doing the +2 realloc, it is simpler to leave it off
altogether; in the common case (<512 items) it is a no-op anyway, and
in the best possible case it reduces the temporary array by 20%.
Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24646
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Before, talloc_realloc() was being called n times for an array of
length n. This could be very expensive on long string arrays since it
is reasonable to assume each realloc moves O(n) bytes.
This addresses at least one OSS-Fuzz bug, making a timing out test case
100 times faster. Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19706
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We don't want to leave other parts of the ndr struct hanging off this
string array just because LIBNDR_FLAG_REMAINING is used.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
NBT has a funny thing where it sometimes needs to send a trailing dot as
part of the last component, because the string representation is a user
name. In DNS, "example.com", and "example.com." are the same, both
having three components ("example", "com", ""); in NBT, we want to treat
them differently, with the second form having the three components
("example", "com.", "").
This retains the logic of e6e2ec0001.
Also DNS compression cannot be turned off for NBT.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
The empty subdomain component is reserved for the root domain, which we
should only (and always) see at the end of the list. That is, we expect
"example.com.", but never "example..com".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This is because ndr_nbt.c does almost exactly the same thing with
almost exactly the same code, and they both do it wrong. Soon they
will both be using the better version that this will become. Though in
this patch we just move the code, not fix it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
These time the push and pull function in isolation.
Timing should be under 0.0001 seconds on even quite old hardware; we
assert it must be under 0.2 seconds.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This will be used by a test and the DNS server code to parse short dnsProperty
records which come from Windows servers.
This example is from the value that caused Samba to fail as it
can not be parsed as a normal dnsp_DnsProperty
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Craft core structures to dispatch local calls in the same way as remote
ones, removing the special handling in the autogenerated code.
This is also necessary to drop s3 rpc handles implementation.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Apr 8 22:23:05 UTC 2020 on sn-devel-184
This fixes the build on FreeBSD 12.1 and maybe other systems.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
If the struct has zero or two schedules, that is what it has, and we
should let that be.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Mar 22 06:19:51 UTC 2020 on sn-devel-184
To be used in rpcint_binding_handle, prepare to remove legacy api_struct
and S3 pidl generated code.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Found while trying to run winexe against Windows Server 2019.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Limit the max_recursion on self recursive definitions in the idl to
20,000. This value is hopefully large eneough to not impact normal
operation, but small eneough to prevent stack over flow issues.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19820
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14254
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 27 02:29:21 UTC 2020 on sn-devel-184
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 16 21:34:27 UTC 2020 on sn-devel-184
This is like close-share, but kicks out only active users where share
access controls are changed such that now access would be denied
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Fix for
*** CID 1457529: Error handling issues (CHECKED_RETURN)
/librpc/ndr/ndr_basic.c: 786 in ndr_push_full_ptr()
...
ID 1457529: Error handling issues (CHECKED_RETURN)
Calling "ndr_token_store" without checking return value (as is done
elsewhere 14 out of 17 times).
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Thu Jan 9 21:49:00 UTC 2020 on sn-devel-184
The new macros allow the same macro convenience for enum functions without
level discriminator.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The charset determination makes it more difficult to deal with the real
REG_MULTI_SZ nature of that element.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This simply matches the behaviour from before e7b1acaddf
when the logic for a trailing . was added. This matches what is added in
the dnsRecord attribute for a name of "." over the dnsserver RPC
management interface and is based on what Windows does for that name
in (eg) an MX record.
No a security bug because we use talloc and so name will be just the
end of the talloc header.
Credit to OSS-Fuzz
Found using the fuzz_ndr_X fuzzer
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Dec 20 11:33:52 UTC 2019 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Dec 20 09:01:30 UTC 2019 on sn-devel-184
