mirror of
https://github.com/samba-team/samba.git
synced 2025-01-07 17:18:11 +03:00
2d0766a48b
We were creating the getnc_state (and storing it on the connection) before we had done some basic checks that the request was valid. If the request was not valid and we returned early with an error, then the partially-initialized getnc_state was left hanging on the connection. The next request that got sent on the connection would try to use this, rather than creating a new getnc_state from scratch. The main side-effect of this was if you sent an invalid GetNCChanges request twice, then it could be rejected the first time and accepted the second time. Note that although an invalid request was accepted, it would typically not return any objects, so it would not actually leak any secure information. Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> |
||
|---|---|---|
| .. | ||
| dns | ||
| getnc_unpriv | ||
| netlogon | ||
| ntlmv1-restrictions | ||
| README | ||
| smbclient-smb3 | ||
# Files in this directory contain lists of regular expressions # matching the names of tests that are temporarily expected to fail. # # "make test" will not report failures for tests listed here and will consider # a successful run for any of these tests an error. # # Empty lines and lines begining with '#' are ignored. # Please don't add tests to this README!