samba.git/libcli/ldap/tests/data, branch talloc-2.4.4 Unnamed repository; edit this file 'description' to name the repository. libcli/ldap: Test decoding an exop response 2020-07-09T20:16:40+00:00 Volker Lendecke vl@samba.org 2020-06-23T17:14:37+00:00 60b0928945c9be3785b5e2855b066f9f97beb2df ldap-starttls-response.dat is a reply to a starttls extended operation. Right now ldap_decode() does not handle this correctly. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> 
ldap-starttls-response.dat is a reply to a starttls extended
operation. Right now ldap_decode() does not handle this correctly.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
CVE-2020-10704: libcli ldap: test recursion depth in ldap_decode_filter_tree 2020-05-04T02:59:32+00:00 Gary Lockyer gary@catalyst.net.nz 2020-04-02T02:25:53+00:00 b0832d20163146e59586de5556a3ef75187f600f Add tests to check that ASN.1 ldap requests with deeply nested elements are rejected. Previously there was no check on the on the depth of nesting and excessive nesting could cause a stack overflow. Credit to OSS-Fuzz REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
Add tests to check that ASN.1 ldap requests with deeply nested elements
are rejected.  Previously there was no check on the on the depth of
nesting and excessive nesting could cause a stack overflow.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>