]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ca2be7c)
CVE-2020-10730: dsdb: Fix crash when vlv and paged_results are combined
authorAndrew Bartlett <abartlet@samba.org>
Wed, 6 May 2020 05:05:30 +0000 (17:05 +1200)
committerKarolin Seeger <kseeger@samba.org>
Thu, 25 Jun 2020 11:04:45 +0000 (13:04 +0200)
The GUID is not returned in the DN for some reason in this (to be banned)
combination.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
source4/dsdb/samdb/ldb_modules/paged_results.c patch | blob | blame | history

diff --git a/source4/dsdb/samdb/ldb_modules/paged_results.c b/source4/dsdb/samdb/ldb_modules/paged_results.c
index dff247a9a5568b94c9c6cf0518dbc5da4db91985..c442a967792476d099bf2fab436d367711e82916 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/paged_results.c
+++ b/source4/dsdb/samdb/ldb_modules/paged_results.c
@@ -416,6 +416,10 @@ static int paged_search_callback(struct ldb_request *req,
 
                guid_blob = ldb_dn_get_extended_component(ares->message->dn,
                                                          "GUID");
+               if (guid_blob == NULL) {
+                       return ldb_module_done(ac->req, NULL, NULL,
+                                              LDB_ERR_OPERATIONS_ERROR);
+               }
                status = GUID_from_ndr_blob(guid_blob, &guid);
                if (!NT_STATUS_IS_OK(status)) {
                        return ldb_module_done(ac->req, NULL, NULL,
Mirror of https://github.com/samba-team/samba.git