IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15699
Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224
(cherry picked from commit 5e278a52646a48e3671270e5b57ec5b852f9fb4b)
FSCTL_QUERY_ALLOCATED_RANGES responses with more than one range should
be truncated to account for a ioctl.smb2.in.max_output_response limit.
Add a test for this.
Flag the new test knownfail; fix in subsequent commit.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
(cherry picked from commit 5cf57f1f539021f1490285516d8cfb2a2ab483e0)
This reverts commit b6ebcd635a0cbcabb512230ced1392c68d008bae.
Wrong patchset applied. This is the one for 4.19/4.20. The correct patch
set will be the subsequent commits.
See: https://bugzilla.samba.org/show_bug.cgi?id=15699
Signed-off-by: Jule Anger <janger@samba.org>
This reverts commit 10dddd55152efbe578b01b25c8bb58a9ea7abc3b.
Wrong patchset applied. This is the one for 4.19/4.20. The correct patch
set will be the subsequent commits.
See: https://bugzilla.samba.org/show_bug.cgi?id=15699
Signed-off-by: Jule Anger <janger@samba.org>
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15699
Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224
(cherry picked from commit 5e278a52646a48e3671270e5b57ec5b852f9fb4b)
Autobuild-User(v4-21-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-21-test): Thu Aug 29 15:30:50 UTC 2024 on atb-devel-224
FSCTL_QUERY_ALLOCATED_RANGES responses with more than one range should
be truncated to account for a ioctl.smb2.in.max_output_response limit.
Add a test for this.
Flag the new test knownfail; fix in subsequent commit.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
(cherry picked from commit 5cf57f1f539021f1490285516d8cfb2a2ab483e0)
This shows that all compound related requests should get
NT_STATUS_NETWORK_SESSION_EXPIRED.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15696
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f6009aa73b9234df1e6ab689de322487ad1394ed)
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 18 12:36:25 UTC 2024 on atb-devel-224
`sr.in.info = info` is correctly set later after we called
dcerpc_lsa_QueryTrustedDomainInfoByName_r() which filling the info
pointer with data.
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/forest_trust.c:211: var_decl: Declaring variable ""info"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/forest_trust.c:248: uninit_use: Using uninitialized value ""info"".
246| sr.in.trusted_domain = talloc_zero(tctx, struct lsa_String);
247| sr.in.trusted_domain->string = name;
248|-> sr.in.info = info;
249|
250| for (c = 0; il[c].info_level != -1; c++) {"
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jul 16 12:42:39 UTC 2024 on atb-devel-224
Patch updated for recent samba versions in merge request #3295 by kvvloten
Initial patch created by Jeremy Allison (https://www.spinics.net/lists/samba/msg161128.html) to log LDAP server queries/functions in a separate file
Signed-off-by: Andréas Leroux <aleroux@tranquil.it>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 9 08:37:22 UTC 2024 on atb-devel-224
Since we have ensured that val->length >= sizeof(hash->hash),
MIN(val->length, sizeof(hash->hash)) will here always be equal to
sizeof(hash->hash).
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:1244: var_decl: Declaring variable ""wins_name1"" without initializer.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:4835: assign: Assigning: ""wins_name_r1"" = ""&wins_name1"", which points to uninitialized data.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:4905: uninit_use_in_call: Using uninitialized value ""*wins_name_r1"". Field ""wins_name_r1->is_group"" is uninitialized when calling ""test_wrepl_update_one"".
4903|
4904| /* now apply R1 */
4905|-> ret &= test_wrepl_update_one(tctx, ctx, records[i].r1.owner, wins_name_r1);
4906| ret &= test_wrepl_is_applied(tctx, ctx, records[i].r1.owner,
4907| wins_name_r1, records[i].r1.apply_expected);"
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 28 12:44:31 UTC 2024 on atb-devel-224
Found by Covscan.
"Error: INTEGER_OVERFLOW (CWE-190):
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:403: tainted_data_argument: The check ""i < new_len"" contains the tainted expression ""i"" which causes ""new_len"" to be considered tainted.
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:407: overflow: The expression ""new_len - i"" is deemed underflowed because at least one of its arguments has underflowed.
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:407: overflow: The expression ""(new_len - i) * 8UL"" is deemed underflowed because at least one of its arguments has underflowed.
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:407: overflow_sink: ""(new_len - i) * 8UL"", which might have underflowed, is passed to ""memmove(val1, val2, (new_len - i) * 8UL)"". [Note: The source code implementation of the function has been overridden by a builtin model.]
405| const char **val2 = &attr_list[i];
406| if (ldb_attr_cmp(*val1, *val2) == 0) {
407|-> memmove(val1, val2, (new_len - i) * sizeof( *attr_list));
408| attr_list[new_len-1] = NULL;
409| new_len--;"
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Found by Covscan.
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:5040: var_decl: Declaring variable ""wins_name_"" without initializer.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:5041: assign: Assigning: ""wins_name"" = ""&wins_name_"", which points to uninitialized data.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:6680: uninit_use_in_call: Using uninitialized value ""*wins_name"". Field ""wins_name->is_group"" is uninitialized when calling ""test_wrepl_update_one"".
6678| wins_name->unknown = ""255.255.255.255"";
6679|
6680|-> ret &= test_wrepl_update_one(tctx, ctx, &ctx->b, wins_name);
6681| ret &= test_wrepl_is_applied(tctx, ctx, &ctx->b, wins_name, true);
6682| } else {"
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
