mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
6fb98f70c6
We were skipping the pull in cases where the coda size was calculated to be zero. This has the right result for empty conditional ACEs, but not for Resource Attribute ACEs where the CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 coda was not initialised.

The situation is made a bit worse, because the function that calculates the coda size (ndr_subcontext_size_of_ace_coda()) can return zero in conditions that are not exactly errors, but in which the would-be calculated value makes so little sense that zero is thought to be a safer default.

Credit to OSS-Fuzz.

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66577
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15613

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 25 06:00:21 UTC 2024 on atb-devel-224

ABI
gen_ndr
idl
ndr
rpc
tests
tools
wsp
binding-strings.txt
ndr_krb5pac.pc.in
ndr_nbt.pc.in
ndr_standard.pc.in
ndr.pc.in
tables.pl
wscript_build