1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/lib
Douglas Bagnall 6722e80d1b ldb-samba: ldif-handlers: make ldif_comparison_objectSid() accurate
This function compares blobs that might be SID strings or might be SID
structures. Until now, if they were both (seemingly) strings, they were
compared as strings, otherwise if either was a string it was converted to
a structure blob, then the blobs were compared. This had two big problems:

1. There is variety in the way a SID can be stringified. For example,
   "s-1-02-3" means the same SID as "S-1-2-3", but those wouldn't compare
   equal.

2. SID comparison was crazily non-transitive. Consider the three values
     a = "S-1-2-3-4-5",
     b = "S-1-9-1",
     c = SID("S-1-11-1"), where c is a struct and the others are string.

   then we had,
     a < b, because the 5th character '2' < '9'.
     a > c, because when converted to a structure, the number of sub-auths
            is the first varying byte. a has 3, c has 0.
     b < c, because after the sub-auth count comes the id_auth value
            (big-endian, which doesn't matter in this case).

That made the function unreliable for sorting, AND for simple equality
tests. Also it leaked.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-04-23 01:33:29 +00:00
..
addns lib:addns: Don’t call memcpy() with a NULL pointer 2023-05-05 02:54:31 +00:00
afs auth: Make more liberal use of SID index constants 2023-02-08 00:03:39 +00:00
async_req lib: Remove an obsolete comment 2024-04-17 09:01:34 +00:00
audit_logging lib:audit_logging: Initialize ‘tm’ structure 2023-09-27 02:43:28 +00:00
cmdline lib:cmdline: Fix code spelling 2023-12-21 20:21:34 +00:00
compression lib:compression: Update my name 2024-02-16 02:41:36 +00:00
crypto lib:crypto: Add more unit tests for GKDI functions 2024-04-21 22:10:36 +00:00
dbwrap lib: Fix dbwrap_tdb.h prerequisites 2024-03-28 08:05:35 +00:00
fuzzing lib: Give lib/util/util_file.c its own header file 2024-04-16 23:51:45 +00:00
krb5_wrap Do not fail checksums for RFC8009 types 2024-04-08 03:00:39 +00:00
ldb ldb: comment for ldb_dn_compare_base 2024-04-23 01:33:29 +00:00
ldb-samba ldb-samba: ldif-handlers: make ldif_comparison_objectSid() accurate 2024-04-23 01:33:29 +00:00
messaging lib:messaging: Fix code spelling 2023-04-11 09:06:36 +00:00
mscat lib:mscat: Remove unnecessary casts 2023-09-14 21:35:28 +00:00
param smbdotconf: Enable "winbind debug traceid" by default 2024-04-15 18:47:41 +00:00
printer_driver lib:printer_driver: Check return value of gp_inifile_enum_section() (CID 1444835) 2023-10-13 02:18:30 +00:00
pthreadpool lib:pthreadpool: Fix code spelling 2023-04-11 09:06:36 +00:00
replace lib: Simplify _hexcharval 2024-03-12 13:31:31 +00:00
smbconf Use python.h from libreplace 2023-11-20 15:37:33 +00:00
socket lib/socket: rearrange iface_comp() to use NUMERIC_CMP 2024-04-23 01:33:29 +00:00
talloc talloc: release 2.4.2 2024-01-29 14:39:32 +00:00
tdb docs: Document new tdbdump -x option 2024-04-16 18:37:17 +00:00
tdb_wrap lib: Open tdb files with O_CLOEXEC 2021-06-04 16:47:34 +00:00
tdr util/charset: Rename utf16_len_n() to utf16_null_terminated_len_n() 2023-11-15 22:07:36 +00:00
tevent tevent: release 0.16.1 2024-01-29 14:39:32 +00:00
texpect texpect: don't ignore unknown options 2021-09-10 15:10:30 +00:00
torture lib/torture: add assert_int_{less,greater} macros 2024-04-10 22:56:33 +00:00
tsocket lib/tsocket: add tstream_bsd_fail_readv_first_error() 2023-10-24 09:36:37 +00:00
util lib: Add fdopen_keepfd() 2024-04-16 23:51:45 +00:00
README various: Remove references to about to be deleted thirdparty/dnspython 2018-12-11 20:07:18 +01:00
wscript_build

compression - Various compression algorithms (MSZIP, lzxpress)
popt - Command-line option parsing library
replace - Provides replacements for standard (POSIX, C99) functions 
          not provided by the host platform.
subunit - Utilities and bindings for working with the Subunit test result 
          reporting protocol.
talloc - Hierarchical pool based memory allocator 
tdb - Simple but fast key/value database library, supporting multiple writers
torture - Simple unit testing helper library