From 92cf3328a00cacb07fe7c6b7abf5335dc8235e86 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 17 Mar 2023 14:08:34 +0100 Subject: [PATCH] CVE-2023-4154 python/samba/ndr: add ndr_deepcopy() helper This uses ndr_pack/unpack in order to create a deep copy of the given object. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424 Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett Reviewed-by: Douglas Bagnall (cherry picked from commit 4627997ddae44265ad35b3234232eb74458c6c34) --- python/samba/ndr.py | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/python/samba/ndr.py b/python/samba/ndr.py index 35b2414e8ae..8369abfb2d0 100644 --- a/python/samba/ndr.py +++ b/python/samba/ndr.py @@ -56,6 +56,25 @@ def ndr_print(object): return ndr_print() +def ndr_deepcopy(object): + """Create a deep copy of a NDR object, using pack/unpack + + :param object: Object to copy + :return: The object copy + """ + ndr_pack = getattr(object, "__ndr_pack__", None) + if ndr_pack is None: + raise TypeError("%r is not a NDR object" % object) + data = ndr_pack() + cls = type(object) + copy = cls() + ndr_unpack = getattr(copy, "__ndr_unpack__", None) + if ndr_unpack is None: + raise TypeError("%r is not a NDR object" % copy) + ndr_unpack(data, allow_remaining=False) + return copy + + def ndr_pack_in(object, bigendian=False, ndr64=False): """Pack the input of an NDR function object. -- 2.34.1