git.ipfire.org Git - thirdparty/samba.git/commit

]> git.ipfire.org Git - thirdparty/samba.git/commit

projects / thirdparty / samba.git / commit

author	Gary Lockyer <gary@catalyst.net.nz>
	Thu, 2 Apr 2020 02:25:53 +0000 (15:25 +1300)
committer	Karolin Seeger <kseeger@samba.org>
	Tue, 21 Apr 2020 11:20:31 +0000 (13:20 +0200)
commit	f9d5c246f8ac0bc14706059df5c615acddef13db
tree	44b5585d4da028ffc1d367252e87d361776a79db	tree
parent	f931ec7b3875442d0c097c62b8e82bee4cb65584	commit \| diff

CVE-2020-10704: libcli ldap: test recursion depth in ldap_decode_filter_tree

Add tests to check that ASN.1 ldap requests with deeply nested elements
are rejected. Previously there was no check on the on the depth of
nesting and excessive nesting could cause a stack overflow.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

libcli/ldap/tests/data/10000-or.dat	[new file with mode: 0644]	blob
libcli/ldap/tests/data/ldap-recursive.dat	[new file with mode: 0644]	blob
libcli/ldap/tests/ldap_message_test.c	[new file with mode: 0644]	blob
libcli/ldap/wscript_build		diff \| blob \| blame \| history
selftest/knownfail.d/ldap_message	[new file with mode: 0644]	blob
source4/selftest/tests.py		diff \| blob \| blame \| history

Mirror of https://github.com/samba-team/samba.git

RSS Atom