git.samba.org / kseeger / samba-autobuild / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 41fd2cd) | patch
CVE-2019-3824 ldb: wildcard_match end of data check
authorGary Lockyer <gary@catalyst.net.nz>
Mon, 18 Feb 2019 21:26:56 +0000 (10:26 +1300)
committerStefan Metzmacher <metze@samba.org>
Tue, 26 Feb 2019 12:00:12 +0000 (13:00 +0100)
commitaecd14f8bdc00519c981f17d398df3054fcab9da
treea0ffa1e51c25f6cd30e9d2c91998b5c6e35583d0tree
parent41fd2cde0c7e422381c7ae62296b1767feec9dcbcommit | diff
CVE-2019-3824 ldb: wildcard_match end of data check

ldb_handler_copy and ldb_val_dup over allocate by one and add a trailing '\0'
to the data, to make them safe to use the C string functions on.

However testing for the trailing '\0' is not the correct way to test for
the end of a value, the length should be checked instead.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 42f0f57eb819ce6b68a8c5b3b53123b83ec917e3)
lib/ldb/common/ldb_match.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.