CVE-2020-25722 s4/dsdb/samldb: samldb_get_single_valued_attr() check all values

using dsdb_get_expected_new_values().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14876

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index ca82396d0a85f4a1b37eed985163bbcb24af46cf..7b2f932182243fa4bee423dd53e3a5ba8792b5cd 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -174,11 +174,19 @@ static int samldb_get_single_valued_attr(struct ldb_context *ldb,
         * attribute.
         */
        struct ldb_message_element *el = NULL;
+       int ret;
 
        *value = NULL;
 
-       el = dsdb_get_single_valued_attr(ac->msg, attr,
-                                        ac->req->operation);
+       ret = dsdb_get_expected_new_values(ac,
+                                          ac->msg,
+                                          attr,
+                                          &el,
+                                          ac->req->operation);
+
+       if (ret != LDB_SUCCESS) {
+               return ret;
+       }
        if (el == NULL) {
                /* we are not affected */
                return LDB_SUCCESS;