samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-02-18 17:57:55 +03:00

History

Douglas Bagnall 4548760ee8 ldb/attrib_handler casefold: simplify space dropping

As seen in CVE-2021-20277, ldb_handler_fold() has been making mistakes
when collapsing spaces down to a single space.

This patch fixes the way it handles internal spaces (CVE-2021-20277
was about leading spaces), and involves a rewrite of the parsing loop.

The bug has a detailed description of the problem.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14656

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Apr  7 03:16:39 UTC 2021 on sn-devel-184
(cherry picked from commit  24ddc1ca9cad95673bdd8023d99867707b37085f)

2021-11-02 20:36:16 +00:00

addns

dnsupdates: clean up all RRSets and not only type A

2020-12-23 12:45:35 +00:00

afs

s3:param: make "servicename" a substituted option

2019-11-27 10:25:37 +00:00

async_req

lib: Fix a valgrind error

2020-04-23 21:53:38 +00:00

audit_logging

audit_logging tests: Fix timezone validation

2020-03-07 06:37:09 +00:00

compression

lzxpress: avoid technically undefined shift

2020-08-31 22:31:13 +00:00

crypto

lib:crypto: Add py binding for set_relax/strict fips mode

2020-10-29 14:19:36 +00:00

dbwrap

dbwrap_rbt: support TDB_INSERT and TDB_MODIFY store flags

2020-06-10 19:08:40 +00:00

fuzzing

oss-fuzz: Add very verbose explaination for RPATH vs RUNPATH

2020-10-23 00:33:57 +00:00

krb5_wrap

lib/krb5_wrap: Fix missing error check in new salt code

2021-10-26 12:00:28 +00:00

ldb

ldb/attrib_handler casefold: simplify space dropping

2021-11-02 20:36:16 +00:00

ldb-samba

Fix build after removal of an extra safe_string.h

2020-10-01 22:45:29 +00:00

messaging

lib: relicense smb_strtoul(l) under LGPLv3

2020-08-03 22:21:02 +00:00

mscat

lib:mscat: Add missing return check for error in dumpsmcat

2019-05-24 06:07:08 +00:00

param

lib: lib/param/param.h references TALLOC_CTX

2021-01-12 00:10:30 +00:00

printer_driver

lib:printer_driver: Retrieve Class value

2019-01-28 15:44:18 +01:00

pthreadpool

build: Do not build selftest binaries for builds without --enable-selftest

2019-11-22 11:48:59 +00:00

replace

replace: copy_file_range()

2021-08-11 09:54:14 +00:00

smbconf

waf: add library dependency for sendfile on Solaris

2019-02-17 13:33:15 +01:00

socket

lib/socket: autodetect RSS using ETHTOOL_GRXRINGS

2020-05-07 14:44:40 +00:00

talloc

python: Ensure reference counts are properly incremented

2021-09-16 06:50:11 +00:00

tdb

Fix Python docstrings

2021-10-26 12:00:28 +00:00

tdb_wrap

tdb_wrap: Use a struct initializer

2015-07-23 14:39:18 +02:00

tdr

lib: Fix 1354521 Unchecked return value

2016-03-01 21:49:44 +01:00

tevent

Fix Python docstrings

2021-10-26 12:00:28 +00:00

texpect

waf/texpect: add required nsl dependency for Solaris

2020-11-10 06:53:42 +00:00

torture

lib/torture: fix subunit names of nested suites

2020-07-07 10:30:40 +00:00

tsocket

tsocket: Fix a few typos

2021-01-14 13:29:35 +00:00

util

lib: add sys_io_ranges_overlap()

2021-08-11 09:54:14 +00:00

README

various: Remove references to about to be deleted thirdparty/dnspython

2018-12-11 20:07:18 +01:00

wscript_build

Remove 'external' python module support code - use the third_party directory instead.

2015-03-06 04:41:48 +01:00

README

compression - Various compression algorithms (MSZIP, lzxpress)
popt - Command-line option parsing library
replace - Provides replacements for standard (POSIX, C99) functions 
          not provided by the host platform.
subunit - Utilities and bindings for working with the Subunit test result 
          reporting protocol.
talloc - Hierarchical pool based memory allocator 
tdb - Simple but fast key/value database library, supporting multiple writers
torture - Simple unit testing helper library