git.samba.org - samba.git/commit

author	Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
	Tue, 24 Nov 2015 00:09:36 +0000 (13:09 +1300)
committer	Ralph Boehme <slow@samba.org>
	Wed, 9 Dec 2015 16:17:04 +0000 (17:17 +0100)
commit	7bcac237656083e67bbac9b50be9b319bb2d7eb8
tree	bf686098471278c7c9075f5015054a40d56bdf89	tree
parent	1aef718f3cc175d90d40202a333042a38ba382b1	commit \| diff

CVE-2015-5330: ldb_dn_escape_value: use known string length, not strlen()

ldb_dn_escape_internal() reports the number of bytes it copied, so
lets use that number, rather than using strlen() and hoping a zero got
in the right place.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11599

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

lib/ldb/common/ldb_dn.c

diff | blob | history

Samba Shared Repository

RSS Atom