CVE-2020-10730: dsdb: Fix crash when vlv and paged_results are combined

The GUID is not returned in the DN for some reason in this (to be banned)
combination.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

diff --git a/source4/dsdb/samdb/ldb_modules/paged_results.c b/source4/dsdb/samdb/ldb_modules/paged_results.c
index dc211dd18ceba85a1ab5ebf44481b789c3c7689f..f720a2e43375523e9b920b03e2f812075f3abb06 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/paged_results.c
+++ b/source4/dsdb/samdb/ldb_modules/paged_results.c
@@ -416,6 +416,10 @@ static int paged_search_callback(struct ldb_request *req,
 
                guid_blob = ldb_dn_get_extended_component(ares->message->dn,
                                                          "GUID");
+               if (guid_blob == NULL) {
+                       return ldb_module_done(ac->req, NULL, NULL,
+                                              LDB_ERR_OPERATIONS_ERROR);
+               }
                status = GUID_from_ndr_blob(guid_blob, &guid);
                if (!NT_STATUS_IS_OK(status)) {
                        return ldb_module_done(ac->req, NULL, NULL,