From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Fri, 3 Mar 2023 04:27:38 +0000 (+1300)
Subject: CVE-2023-0614 ldb: Add function to add distinguishedName to message
X-Git-Tag: ldb-2.5.3~23
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7982090641e5199d2bbece3b7aa50f3e7342db12;p=thirdparty%2Fsamba.git

CVE-2023-0614 ldb: Add function to add distinguishedName to message

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

[abartlet@samba.org Adapted to conflict from lack of new
ldb_ascii_toupper() in ldb_private.h]
---

diff --git a/lib/ldb/common/ldb_pack.c b/lib/ldb/common/ldb_pack.c
index 028d96a619a..b0b0d64a5ba 100644
--- a/lib/ldb/common/ldb_pack.c
+++ b/lib/ldb/common/ldb_pack.c
@@ -1098,7 +1098,7 @@ int ldb_unpack_data(struct ldb_context *ldb,
 /*
   add the special distinguishedName element
 */
-static int msg_add_distinguished_name(struct ldb_message *msg)
+int ldb_msg_add_distinguished_name(struct ldb_message *msg)
 {
 	const char *dn_attr = "distinguishedName";
 	char *dn = NULL;
@@ -1158,7 +1158,7 @@ int ldb_filter_attrs(struct ldb_context *ldb,
 
 	/* Shortcuts for the simple cases */
 	} else if (add_dn && i == 1) {
-		if (msg_add_distinguished_name(filtered_msg) != 0) {
+		if (ldb_msg_add_distinguished_name(filtered_msg) != 0) {
 			goto failed;
 		}
 		return 0;
@@ -1238,7 +1238,7 @@ int ldb_filter_attrs(struct ldb_context *ldb,
 	filtered_msg->num_elements = num_elements;
 
 	if (add_dn) {
-		if (msg_add_distinguished_name(filtered_msg) != 0) {
+		if (ldb_msg_add_distinguished_name(filtered_msg) != 0) {
 			goto failed;
 		}
 	}
diff --git a/lib/ldb/include/ldb_private.h b/lib/ldb/include/ldb_private.h
index 338e71def6d..ca43817d07a 100644
--- a/lib/ldb/include/ldb_private.h
+++ b/lib/ldb/include/ldb_private.h
@@ -320,4 +320,9 @@ int ldb_match_message(struct ldb_context *ldb,
 /* Reallocate elements to drop any excess capacity. */
 void ldb_msg_shrink_to_fit(struct ldb_message *msg);
 
+/*
+  add the special distinguishedName element
+*/
+int ldb_msg_add_distinguished_name(struct ldb_message *msg);
+
 #endif