samba.git/libcli/cldap, branch talloc-2.3.2 Unnamed repository; edit this file 'description' to name the repository. CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode 2020-05-04T02:59:32+00:00 Gary Lockyer gary@catalyst.net.nz 2020-04-07T20:49:23+00:00 3149ea0a8aada3b03d1ca0af2e3a0f6304cda43b Add search request size limits to ldap_decode calls. The ldap server uses the smb.conf variable "ldap max search request size" which defaults to 250Kb. For cldap the limit is hard coded as 4096. Credit to OSS-Fuzz REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
Add search request size limits to ldap_decode calls.

The ldap server uses the smb.conf variable
"ldap max search request size" which defaults to 250Kb.
For cldap the limit is hard coded as 4096.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
CVE-2020-10704: lib util asn1: Add ASN.1 max tree depth 2020-05-04T02:59:31+00:00 Gary Lockyer gary@catalyst.net.nz 2020-04-02T23:18:03+00:00 f467727db5ff6a6e58d9b590e4d443a1d974b679 Add maximum parse tree depth to the call to asn1_init, which will be used to limit the depth of the ASN.1 parse tree. Credit to OSS-Fuzz REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
Add maximum parse tree depth to the call to asn1_init, which will be
used to limit the depth of the ASN.1 parse tree.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli/cldap: clang: Fix 'Dereference of null pointer' 2019-07-16T22:52:24+00:00 Noel Power noel.power@suse.com 2019-07-11T11:28:58+00:00 a901c5768accd49b40b17b3350613ca7819a2854 Fixes: libcli/cldap/cldap.c:144:8: warning: Dereference of null pointer <--[clang] ev = c->searches.list->caller.ev; ^ 1 warning generated. Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> 
Fixes:

libcli/cldap/cldap.c:144:8: warning: Dereference of null pointer <--[clang]
                ev = c->searches.list->caller.ev;
                     ^
1 warning generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
tevent: Fix callers of tevent_req_set_endtime 2018-04-24T17:41:15+00:00 Volker Lendecke vl@samba.org 2018-04-23T13:36:28+00:00 a37d9a45d1ff1b5d311d190a8aac49bc2b2c7a9f tevent_req_set_endtime internally already calls tevent_req_nomem and thus sets the error status correctly. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
tevent_req_set_endtime internally already calls tevent_req_nomem and thus sets
the error status correctly.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
cldap: Avoid a ZERO_STRUCTP 2018-04-03T22:44:22+00:00 Volker Lendecke vl@samba.org 2018-03-30T17:08:42+00:00 7bffd65bb570eb3b8a4502d52a18c98b7b640645 This is done implicitly by tevent_req_create Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> 
This is done implicitly by tevent_req_create

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
s3: cldap: cldap_multi_netlogon_send() fails with one bad IPv6 address. 2016-10-18T00:16:20+00:00 Jeremy Allison jra@samba.org 2016-10-17T17:07:23+00:00 44a7040500d74551b48eba04f5d0bedb1ec35ba6 Analysis by: Rebecca Gellman <rebecca@starfleet-net.co.uk> Ignore cldap_socket_init() failure when sending multiple cldap netlogon requests. Allow cldap_netlogon_send() to catch the bad address and correctly return through a tevent subreq. Make sure cldap_search_send() copes with cldap parameter == NULL. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12381 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Tue Oct 18 02:16:20 CEST 2016 on sn-devel-144 
Analysis by: Rebecca Gellman <rebecca@starfleet-net.co.uk>

Ignore cldap_socket_init() failure when sending
multiple cldap netlogon requests. Allow cldap_netlogon_send()
to catch the bad address and correctly return through a
tevent subreq.

Make sure cldap_search_send() copes with cldap parameter == NULL.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12381

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 18 02:16:20 CEST 2016 on sn-devel-144
dlist: remove unneeded type argument from DLIST_ADD_END() 2016-02-06T20:48:17+00:00 Michael Adam obnox@samba.org 2016-02-05T10:32:18+00:00 476672b647e44898a6de8894b23e598ad13b1fcf Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
libcli: Remove a reference to asn1->ofs 2016-01-05T23:54:18+00:00 Volker Lendecke vl@samba.org 2016-01-04T09:30:35+00:00 3c340d81d8bf2e7b8488b150452bbcc4e3b521b6 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
libcli: Make sure status is initialized. 2014-10-31T02:47:40+00:00 Andreas Schneider asn@samba.org 2014-10-30T15:12:19+00:00 c3b00b99449c7d19de81a2b9e1b8ef776e8cbb20 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
libcli: Remove unreachable code in cldap. 2014-09-27T23:32:09+00:00 Andreas Schneider asn@samba.org 2014-09-26T11:25:41+00:00 763d37e6a4ba7121e940a95e56502180c13e363e Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>