]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d60683e) | patch
CVE-2023-0614 ldb: Filter on search base before redacting message
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Fri, 3 Mar 2023 04:35:55 +0000 (17:35 +1300)
committerJule Anger <janger@samba.org>
Mon, 20 Mar 2023 09:03:38 +0000 (10:03 +0100)
commita74571b49f5476cde430f11cd7bc256f17925fe8
treebe6dbff4ac094640340b9f30e4cb7c4e8ce88aactree
parentd60683e5e9daf243e9a2acc203b567c3a6c92567commit | diff
CVE-2023-0614 ldb: Filter on search base before redacting message

Redaction may be expensive if we end up needing to fetch a security
descriptor to verify rights to an attribute. Checking the search scope
is probably cheaper, so do that first.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
lib/ldb/common/ldb_match.c diff | blob | blame | history
lib/ldb/include/ldb_private.h diff | blob | blame | history
lib/ldb/ldb_key_value/ldb_kv_index.c diff | blob | blame | history
lib/ldb/ldb_key_value/ldb_kv_search.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git