samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00

History

Gary Lockyer ae6927e4f0 librpc ndr: Heap-buffer-overflow in lzxpress_decompress

Reproducer for oss-fuzz Issue 20083

Project: samba
Fuzzing Engine: libFuzzer
Fuzz Target: fuzz_ndr_drsuapi_TYPE_OUT
Job Type: libfuzzer_asan_samba
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 1
Crash Address: 0x6040000002fd
Crash State:
  lzxpress_decompress
    ndr_pull_compression_xpress_chunk
      ndr_pull_compression_start

Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20083
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14236

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

2020-02-07 08:53:40 +00:00

provisions

gp_inf: Read/write files with a UTF-16LE BOM in GptTmpl.inf

2019-07-19 02:20:47 +00:00

win

Spelling fixes s/preceeding/preceding/

2019-09-01 22:21:28 +00:00

test_samba3dump.sh

s4/scripting: PY3 Ensure python scripts are run with correct python ver.

2018-10-23 05:50:25 +02:00

test_w2k3_file.sh

s4 torture: Split up the torture suite setup for RAW-SFILEINFO