From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Fri, 3 Mar 2023 04:27:38 +0000 (+1300)
Subject: CVE-2023-0614 ldb: Add function to add distinguishedName to message
X-Git-Tag: talloc-2.4.1~1081
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=784a342785f2aca5bc01e61d210bb6bc103499ff;p=thirdparty%2Fsamba.git

CVE-2023-0614 ldb: Add function to add distinguishedName to message

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/lib/ldb/ABI/ldb-2.8.0.sigs b/lib/ldb/ABI/ldb-2.8.0.sigs
index b450b0c8191..27081946f19 100644
--- a/lib/ldb/ABI/ldb-2.8.0.sigs
+++ b/lib/ldb/ABI/ldb-2.8.0.sigs
@@ -149,6 +149,7 @@ ldb_modules_hook: int (struct ldb_context *, enum ldb_module_hook_type)
 ldb_modules_list_from_string: const char **(struct ldb_context *, TALLOC_CTX *, const char *)
 ldb_modules_load: int (const char *, const char *)
 ldb_msg_add: int (struct ldb_message *, const struct ldb_message_element *, int)
+ldb_msg_add_distinguished_name: int (struct ldb_message *)
 ldb_msg_add_empty: int (struct ldb_message *, const char *, int, struct ldb_message_element **)
 ldb_msg_add_fmt: int (struct ldb_message *, const char *, const char *, ...)
 ldb_msg_add_linearized_dn: int (struct ldb_message *, const char *, struct ldb_dn *)
diff --git a/lib/ldb/common/ldb_pack.c b/lib/ldb/common/ldb_pack.c
index 801e7f4996a..296aa2df8fd 100644
--- a/lib/ldb/common/ldb_pack.c
+++ b/lib/ldb/common/ldb_pack.c
@@ -1098,7 +1098,7 @@ int ldb_unpack_data(struct ldb_context *ldb,
 /*
   add the special distinguishedName element
 */
-static int msg_add_distinguished_name(struct ldb_message *msg)
+int ldb_msg_add_distinguished_name(struct ldb_message *msg)
 {
 	const char *dn_attr = "distinguishedName";
 	char *dn = NULL;
@@ -1158,7 +1158,7 @@ int ldb_filter_attrs(struct ldb_context *ldb,
 
 	/* Shortcuts for the simple cases */
 	} else if (add_dn && i == 1) {
-		if (msg_add_distinguished_name(filtered_msg) != 0) {
+		if (ldb_msg_add_distinguished_name(filtered_msg) != 0) {
 			goto failed;
 		}
 		return 0;
@@ -1238,7 +1238,7 @@ int ldb_filter_attrs(struct ldb_context *ldb,
 	filtered_msg->num_elements = num_elements;
 
 	if (add_dn) {
-		if (msg_add_distinguished_name(filtered_msg) != 0) {
+		if (ldb_msg_add_distinguished_name(filtered_msg) != 0) {
 			goto failed;
 		}
 	}
diff --git a/lib/ldb/include/ldb_private.h b/lib/ldb/include/ldb_private.h
index f6f47c28cf3..c6cff44942a 100644
--- a/lib/ldb/include/ldb_private.h
+++ b/lib/ldb/include/ldb_private.h
@@ -320,6 +320,11 @@ int ldb_match_message(struct ldb_context *ldb,
 /* Reallocate elements to drop any excess capacity. */
 void ldb_msg_shrink_to_fit(struct ldb_message *msg);
 
+/*
+  add the special distinguishedName element
+*/
+int ldb_msg_add_distinguished_name(struct ldb_message *msg);
+
 /**
  * @brief Convert a character to uppercase with ASCII precedence.
  *