From: Andrew Bartlett <abartlet@samba.org>
Date: Sun, 6 Aug 2023 23:55:55 +0000 (+1200)
Subject: CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests twice
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8de964597772cbbdef8b0fd7cb0d3e71aacd698c;p=thirdparty%2Fsamba.git

CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests twice

To re-use setup code, the super-class must have no test_*() methods
otherwise these will be run as well as the class-local tests.

We rename tests that would otherwise have duplicate names

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/selftest/knownfail b/selftest/knownfail
index f9ca4984176..a89616c1dbe 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -151,7 +151,7 @@
 ^samba4.smb2.acls.*.inheritflags
 ^samba4.smb2.acls.*.owner
 ^samba4.smb2.acls.*.ACCESSBASED
-^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.test_dirsync_deleted_items
+^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.SimpleDirsyncTests.test_dirsync_deleted_items_OBJECT_SECURITY
 #^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.*
 ^samba4.libsmbclient.opendir.(NT1|SMB3).opendir # This requires netbios browsing
 ^samba4.rpc.drsuapi.*.drsuapi.DsGetDomainControllerInfo\(.*\)$
diff --git a/source4/dsdb/tests/python/dirsync.py b/source4/dsdb/tests/python/dirsync.py
index ca0947e2d21..ad136b7efee 100755
--- a/source4/dsdb/tests/python/dirsync.py
+++ b/source4/dsdb/tests/python/dirsync.py
@@ -458,7 +458,7 @@ class SimpleDirsyncTests(DirsyncBaseTests):
         self.assertTrue(res[0].get("name") is not None)
         delete_force(self.ldb_admin, ouname)
 
-    def test_dirsync_linkedattributes(self):
+    def test_dirsync_linkedattributes_OBJECT_SECURITY(self):
         """Check that dirsync returned deleted objects too"""
         # Let's search for members
         self.ldb_simple = self.get_ldb_connection(self.simple_user, self.user_pass)
@@ -585,9 +585,6 @@ class SimpleDirsyncTests(DirsyncBaseTests):
                                     expression="(&(objectClass=organizationalUnit)(!(isDeleted=*)))",
                                     controls=controls)
 
-
-class ExtendedDirsyncTests(SimpleDirsyncTests):
-
     def test_dirsync_linkedattributes_range(self):
         self.ldb_simple = self.get_ldb_connection(self.simple_user, self.user_pass)
         res = self.ldb_admin.search(self.base_dn,
@@ -711,7 +708,7 @@ class ExtendedDirsyncTests(SimpleDirsyncTests):
         self.assertIn(b"<GUID=", resEX0[0]["member"][0])
         self.assertIn(b">;<SID=010500000000000515", resEX0[0]["member"][0])
 
-    def test_dirsync_deleted_items(self):
+    def test_dirsync_deleted_items_OBJECT_SECURITY(self):
         """Check that dirsync returned deleted objects too"""
         # Let's create an OU
         self.ldb_simple = self.get_ldb_connection(self.simple_user, self.user_pass)