summaryrefslogtreecommitdiff
path: root/python/samba/tests/dns_packet.py
AgeCommit message (Collapse)AuthorFilesLines
2026-04-16pytests: dns_packet tests check rcodes match WindowsDouglas Bagnall1-27/+148
the dns_packet tests originally checked only for a particular DoS situation (CVE-2020-10745) but now we widen them to ensure Samba's replies to invalid packets resembles those of Windows (in particular, Windows 2012r2). We want Samba to reply only when Windows replies, and with the same rcode. At present we fail a lot of these tests. The original CVE-2020-10745 test is retained and widened indirectly -- any test that leaves the server unable to respond within 0.5 seconds will count as a failure. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
2023-10-25python:tests: Remove unnecessary f‐stringsJoseph Sutton1-2/+2
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-07-02CVE-2020-14303 Ensure an empty packet will not DoS the NBT serverAndrew Bartlett1-0/+19
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2020-07-02CVE-2020-10745: pytests: hand-rolled invalid dns/nbt packet testsDouglas Bagnall1-0/+211
The client libraries don't allow us to make packets that are broken in certain ways, so we need to construct them as byte strings. These tests all fail at present, proving the server is rendered unresponsive, which is the crux of CVE-2020-10745. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-06 23:43:54 +0000