sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Code
3149ea0a8a
samba-mirror/source4/libcli
History
Gary Lockyer 3149ea0a8a CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode 
Add search request size limits to ldap_decode calls.

The ldap server uses the smb.conf variable
"ldap max search request size" which defaults to 250Kb.
For cldap the limit is hard coded as 4096.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-04 02:59:32 +00:00
..
composite s4-libcli: Remove unused header from composite/composite.c 2019-11-10 22:27:47 +00:00
dgram libdgram: Fix an error path memleak 2018-04-13 21:04:28 +02:00
ldap CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode 2020-05-04 02:59:32 +00:00
rap s4-libcli/rap: Set the switch_value before NDR_BUFFERS to prepare for new libndr behaviour 2019-12-12 02:30:40 +00:00
raw Implement alt name query for smb2 2020-04-28 18:09:39 +00:00
resolve source4: Update all consumers of strtoul_err(), strtoull_err() to new API 2019-06-30 11:32:18 +00:00
security/tests s4:libcli/tests: add missing #include "torture/local/proto.h" 2014-04-02 09:03:44 +02:00
smb2 Implement alt name query for smb2 2020-04-28 18:09:39 +00:00
smb_composite s4/libcli: clang: Fix 'initialization value is never read' 2019-07-16 22:52:24 +00:00
smbc
util Add SMB2 lsa helper routines 2020-04-28 18:09:39 +00:00
wbclient wbclient: "ev" is no longer used in wbc_xids_to_sids 2016-09-28 00:04:36 +02:00
wrepl
cliconnect.c s4:libcli: fix 'Conditional jump or move' valgrind error 2016-04-25 10:35:15 +02:00
clideltree.c s4/libcli/clideltree.c: clang: Value stored to 'status' is never read 2019-09-25 09:47:31 +00:00
clifile.c
clilist.c
climessage.c
clireadwrite.c source4/libcli/clireadwrite.c: typo fixes 2019-10-31 00:43:37 +00:00
clitrans2.c
finddc.h
finddcs_cldap.c s4: libcli/finddcs_cldap: continue processing CLDAP until all addresses are used 2015-05-20 19:29:30 +02:00
libcli.h source4/libcli/libcli.h: typo fixes 2019-10-31 00:43:37 +00:00
wscript_build s4:libcli: Remove (now unused) pysmb.c bindings 2019-01-26 04:05:25 +01:00