sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-24 13:57:43 +03:00
Code
samba-mirror/source4
History
Gary Lockyer ae6927e4f0 librpc ndr: Heap-buffer-overflow in lzxpress_decompress 
Reproducer for oss-fuzz Issue 20083

Project: samba
Fuzzing Engine: libFuzzer
Fuzz Target: fuzz_ndr_drsuapi_TYPE_OUT
Job Type: libfuzzer_asan_samba
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 1
Crash Address: 0x6040000002fd
Crash State:
  lzxpress_decompress
    ndr_pull_compression_xpress_chunk
      ndr_pull_compression_start

Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20083
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14236

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-07 08:53:40 +00:00
..
auth
s4/auth: use talloc_alpha_strcpy() in auth_session_info_fill_unix()
2020-02-06 10:17:43 +00:00
build/pasn1
cldap_server
source4 smdb: Add a post fork hook to the service API
2018-11-01 23:49:24 +01:00
client
s4: free popt context in client
2019-08-22 00:21:50 +00:00
cluster
dbwrap: Remove calls to loadparm
2018-04-24 01:53:19 +02:00
dns_server
dns: Always return SOA record for records we should know
2019-11-08 12:31:29 +00:00
dsdb
dsdb: Correctly handle memory in objectclass_attrs
2020-02-06 14:57:42 +00:00
echo_server
s4 echo_server: Enable prefork process model
2019-07-16 08:13:12 +00:00
heimdal
CVE-2019-14870: heimdal: enforce delegation_not_allowed in S4U2Self
2019-12-10 09:18:46 +00:00
heimdal_build
heimdal_build: Remove bashism from --address-sanitizer build rule
2020-01-18 12:25:16 +00:00
include
lib: Remove global xfile.h includes
2016-11-20 06:23:19 +01:00
kdc
mit-kdb: Fix license on header file
2019-12-17 09:24:56 +00:00
ldap_server
ldap_server: Regression in 0559430ab6e5c48d6e853fda0d8b63f2e149015c
2019-07-11 05:25:26 +00:00
lib
s4:lib: Make sure we close fd's in error path
2019-12-10 00:30:29 +00:00
libcli
Convert samba4.base.*attr tests to smb2
2019-12-20 22:01:28 +00:00
libnet
smbdes: convert E_old_pw_hash to use gnutls
2019-12-10 00:30:31 +00:00
librpc
selftest: Confirm parse of dnsProperty records
2019-12-20 10:09:34 +00:00
nbt_server
smbdotconf: mark "wins hook" with substitution="1"
2019-11-27 10:25:36 +00:00
ntp_signd
lib/crypto: move gnutls error wrapper to own subsystem
2019-06-27 12:54:22 +00:00
ntvfs
ntvfs: Remove pvfs_aio.c
2019-10-04 17:01:39 +00:00
param
s4:param: make sure secrets_db_connect() no longer creates on empty secrets.ldb
2020-02-05 10:13:02 +00:00
rpc_server
s4:rpc_server/lsa: remove some useless talloc_reference() calls
2020-02-05 08:46:38 +00:00
script
PY3: change shebang to python3 in source4/dsdb dir
2018-12-14 14:40:20 +01:00
scripting
source4/scripting/bin: Swap machine account password scripts
2020-02-06 14:57:42 +00:00
selftest
librpc ndr: Heap-buffer-overflow in lzxpress_decompress
2020-02-07 08:53:40 +00:00
setup
selftest: add test for samba-tool groupmember --member-base-dn option
2020-01-21 14:38:47 +00:00
smb_server
s4/smb_server: Fix handling of SMB2 messages after Netbios session setup
2019-12-05 18:44:40 +00:00
smbd
Happy New Year 2020!
2020-01-01 12:04:52 +00:00
torture
s4:torture: make rpc.handles.random-assoc test even more robust
2020-02-06 14:57:41 +00:00
utils
source4/utils/oLschema2ldif: include stdint.h before cmocka.h
2019-12-18 16:57:52 +00:00
winbind
s4/winbind: clang: Fixes 'Value stored during its initialization is never read'
2019-09-26 18:41:26 +00:00
wrepl_server
source4 smdb: Add a post fork hook to the service API
2018-11-01 23:49:24 +01:00
.clang_complete
s3-build: Add .clang_complete.
2011-10-27 17:09:50 +02:00
.valgrind_suppressions
wscript_build
Do not install smbclient4 and nmblookup4
2014-04-15 03:25:13 +02:00