git.samba.org / kseeger / samba-autobuild-v4-16-test / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b1aba4e) | patch
CVE-2021-3738 s4:rpc_server/samr: make use of dcesrv_samdb_connect_as_*() helper
authorStefan Metzmacher <metze@samba.org>
Thu, 5 Aug 2021 12:24:40 +0000 (14:24 +0200)
committerJule Anger <janger@samba.org>
Mon, 8 Nov 2021 09:46:46 +0000 (10:46 +0100)
commit25c944643f3d6ea55767a389423571a1136c68bc
treef1795e885623f8ca14506517404fb10f283c9d8dtree
parentb1aba4e2bc7946c7ef2f4de30f4a41b016bdab4ecommit | diff
CVE-2021-3738 s4:rpc_server/samr: make use of dcesrv_samdb_connect_as_*() helper

This avoids a crash that's triggered by windows clients using
handles from samr_Connect*() on across multiple connections within
an association group.

In other cases is not strictly required, but it makes it easier to audit that
source4/rpc_server no longer calls samdb_connect() directly and also
improves the auditing for the dcesrv_samdb_connect_as_system() case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14468

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/rpc_server/samr/dcesrv_samr.c diff | blob | history
source4/rpc_server/samr/samr_password.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.