git.samba.org - metze/samba/wip.git/commit

author	Björn Baumbach <bb@sernet.de>
	Tue, 6 Aug 2019 14:32:32 +0000 (16:32 +0200)
committer	Karolin Seeger <kseeger@samba.org>
	Tue, 29 Oct 2019 11:58:45 +0000 (11:58 +0000)
commit	ef58222616fc3175f189417ce878d8413ba2d294
tree	4dd7c92b2f2f262b27983903e7e5f97933ad1cd3	tree
parent	d524c7ddee92a457ba680853b6c25c877d881ff8	commit \| diff

CVE-2019-14833 dsdb: send full password to check password script

utf8_len represents the number of characters (not bytes) of the
password. If the password includes multi-byte characters it is required
to write the total number of bytes to the check password script.
Otherwise the last bytes of the password string would be ignored.

Therefore we rename utf8_len to be clear what it does and does
not represent.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438

Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Tue Oct 29 11:58:45 UTC 2019 on sn-devel-184

selftest/knownfail.d/unacceptable-passwords	[deleted file]	blob \| history
source4/dsdb/common/util.c		diff \| blob \| history