git.samba.org / martins / samba-autobuild / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9a0ace3) | patch
CVE-2019-3824 ldb: wildcard_match check tree operation
authorGary Lockyer <gary@catalyst.net.nz>
Mon, 18 Feb 2019 21:26:25 +0000 (10:26 +1300)
committerStefan Metzmacher <metze@samba.org>
Tue, 26 Feb 2019 12:00:12 +0000 (13:00 +0100)
commit41fd2cde0c7e422381c7ae62296b1767feec9dcb
treedb0076993ce3704e3210460d03edcd4ac2c714batree
parent9a0ace323908104b01840c4ff3e01376d20cb5c3commit | diff
CVE-2019-3824 ldb: wildcard_match check tree operation

Check the operation type of the passed parse tree, and return
LDB_INAPPROPRIATE_MATCH if the operation is not LDB_OP_SUBSTRING.

A query of "attribute=*" gets parsed as LDB_OP_PRESENT, checking the
operation and failing ldb_wildcard_match should help prevent confusion
writing tests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 34383981a0c40860f71a4451ff8fd752e1b67666)
lib/ldb/common/ldb_match.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.