lib/fuzzing: adjust access-check seed patch
authorDouglas Bagnall <douglas.bagnall@catalyst.net.nz>
Thu, 20 Jul 2023 22:51:29 +0000 (10:51 +1200)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 26 Sep 2023 23:45:35 +0000 (23:45 +0000)
Now that access_check.c includes headers for conditional ACEs, the patch
should take that into account.

Also, we check for a talloc failure.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
lib/fuzzing/patches/collect-access-check-seeds.txt

index 75e2b29226be9455999a7d8b9d5763f76a7d67aa..db85f40c22f751242c7d577baa2908889b4f753b 100644 (file)
@@ -1,4 +1,4 @@
-From bf2adac3a271fae551a726dc21dc9111bd7320be Mon Sep 17 00:00:00 2001
+From b461fdf28c71b54ad5ebe663ea09212856e61973 Mon Sep 17 00:00:00 2001
 From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 Date: Mon, 17 Jul 2023 16:17:16 +1200
 Subject: [PATCH 1/2] libcli/security: save access check attempts for fuzz
@@ -36,23 +36,23 @@ down much, but it will capture your SIDs and ACLs.
 
 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 ---
- libcli/security/access_check.c | 76 ++++++++++++++++++++++++++++++++++
- 1 file changed, 76 insertions(+)
+ libcli/security/access_check.c | 79 ++++++++++++++++++++++++++++++++++
+ 1 file changed, 79 insertions(+)
 
 diff --git a/libcli/security/access_check.c b/libcli/security/access_check.c
-index 81bacc90e78..9c3e4cfe966 100644
+index 1364a15f4dd..d79a247455a 100644
 --- a/libcli/security/access_check.c
 +++ b/libcli/security/access_check.c
-@@ -24,6 +24,8 @@
- #include "replace.h"
- #include "lib/util/debug.h"
+@@ -26,6 +26,8 @@
  #include "libcli/security/security.h"
+ #include "librpc/gen_ndr/conditional_ace.h"
+ #include "libcli/security/conditional_ace.h"
 +#include "ndr/libndr.h"
 +#include "gen_ndr/ndr_security.h"
  
  /* Map generic access rights to object specific rights.  This technique is
     used to give meaning to assigning read, write, execute and all access to
-@@ -103,6 +105,74 @@ void se_map_standard(uint32_t *access_mask, const struct standard_mapping *mappi
+@@ -105,6 +107,77 @@ void se_map_standard(uint32_t *access_mask, const struct standard_mapping *mappi
        }
  }
  
@@ -101,6 +101,9 @@ index 81bacc90e78..9c3e4cfe966 100644
 +              }
 +      }
 +      tmp_ctx = talloc_new(NULL);
++      if (tmp_ctx == NULL) {
++              return false;
++      }
 +
 +      n++;
 +      ndr_err = ndr_push_struct_blob(
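Review bot: The new `tmp_ctx == NULL` branch returns `false` without any diagnostic, so a collection run that hits an allocation failure silently loses that access-check sample, and nothing explains the gap in the seed corpus afterwards. I would log before bailing out, e.g. `DBG_ERR("talloc_new failed; access check seed not saved\n");` ahead of `return false;`. The guard sits before `n++`, so the counter is not advanced for a seed that was never written, which looks right. The function starts above this hunk and continues past `ndr_push_struct_blob(`, so I cannot see whether the other failure paths log or whether callers look at the return value.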
@@ -127,7 +130,7 @@ index 81bacc90e78..9c3e4cfe966 100644
  /*
    perform a SEC_FLAG_MAXIMUM_ALLOWED access check
  */
-@@ -115,6 +185,8 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
+@@ -117,6 +190,8 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
        bool have_owner_rights_ace = false;
        unsigned i;
  
@@ -136,7 +139,7 @@ index 81bacc90e78..9c3e4cfe966 100644
        if (sd->dacl == NULL) {
                if (security_token_has_sid(token, sd->owner_sid)) {
                        switch (implicit_owner_rights) {
-@@ -211,6 +283,8 @@ static NTSTATUS se_access_check_implicit_owner(const struct security_descriptor
+@@ -222,6 +297,8 @@ static NTSTATUS se_access_check_implicit_owner(const struct security_descriptor
        bool am_owner = false;
        bool have_owner_rights_ace = false;
  
@@ -145,7 +148,7 @@ index 81bacc90e78..9c3e4cfe966 100644
        *access_granted = access_desired;
        bits_remaining = access_desired;
  
-@@ -528,6 +602,8 @@ NTSTATUS sec_access_check_ds_implicit_owner(const struct security_descriptor *sd
+@@ -613,6 +690,8 @@ NTSTATUS sec_access_check_ds_implicit_owner(const struct security_descriptor *sd
        uint32_t bits_remaining;
        struct dom_sid self_sid;
  
@@ -158,7 +161,7 @@ index 81bacc90e78..9c3e4cfe966 100644
 2.34.1
 
 
-From d79328bdac90ed16b9162cbfe10a4ed8bedbc073 Mon Sep 17 00:00:00 2001
+From 12bf242cece202658fe61f1c7408709d092632ea Mon Sep 17 00:00:00 2001
 From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 Date: Tue, 18 Jul 2023 16:07:11 +1200
 Subject: [PATCH 2/2] scripts: a script for deduplicating fuzz-seeds