]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2869b5a)
CVE-2022-32746 s4/dsdb/repl_meta_data: Use LDB_FLAG_MOD_TYPE() for flags equality...
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Tue, 14 Jun 2022 07:49:19 +0000 (19:49 +1200)
committerJule Anger <janger@samba.org>
Sun, 24 Jul 2022 09:41:53 +0000 (11:41 +0200)
Now unrelated flags will no longer affect the result.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
source4/dsdb/samdb/ldb_modules/repl_meta_data.c patch | blob | blame | history

diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index ab506cec488f7ee60ea85631a02773cc91841a9b..29ffda75c87ba0bd3d09a9106866ec127196623a 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -3525,7 +3525,7 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req)
                        return ldb_module_operr(module);
                }
 
-               if (req->op.mod.message->elements[0].flags != LDB_FLAG_MOD_REPLACE) {
+               if (LDB_FLAG_MOD_TYPE(req->op.mod.message->elements[0].flags) != LDB_FLAG_MOD_REPLACE) {
                        return ldb_module_operr(module);
                }
 
@@ -3558,11 +3558,11 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req)
                        return ldb_module_operr(module);
                }
 
-               if (req->op.mod.message->elements[0].flags != LDB_FLAG_MOD_DELETE) {
+               if (LDB_FLAG_MOD_TYPE(req->op.mod.message->elements[0].flags) != LDB_FLAG_MOD_DELETE) {
                        return ldb_module_operr(module);
                }
 
-               if (req->op.mod.message->elements[1].flags != LDB_FLAG_MOD_ADD) {
+               if (LDB_FLAG_MOD_TYPE(req->op.mod.message->elements[1].flags) != LDB_FLAG_MOD_ADD) {
                        return ldb_module_operr(module);
                }
 
@@ -3645,7 +3645,7 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req)
                        return ldb_module_operr(module);
                }
 
-               if (msg->elements[0].flags != LDB_FLAG_MOD_ADD) {
+               if (LDB_FLAG_MOD_TYPE(msg->elements[0].flags) != LDB_FLAG_MOD_ADD) {
                        talloc_free(ac);
                        return ldb_module_operr(module);
                }
Mirror of https://github.com/samba-team/samba.git