From: Douglas Bagnall Date: Mon, 17 Jul 2023 20:56:40 +0000 (+1200) Subject: lib/fuzzing: adapt fuzz_sddl_access_check for AD variant X-Git-Tag: talloc-2.4.1~9 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9ea606dad1147734c1877dd054dc769c4df4e005;p=thirdparty%2Fsamba.git lib/fuzzing: adapt fuzz_sddl_access_check for AD variant Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett --- diff --git a/lib/fuzzing/fuzz_sddl_access_check.c b/lib/fuzzing/fuzz_sddl_access_check.c index d4247272e4d..e6231d7da5f 100644 --- a/lib/fuzzing/fuzz_sddl_access_check.c +++ b/lib/fuzzing/fuzz_sddl_access_check.c @@ -118,7 +118,26 @@ int LLVMFuzzerTestOneInput(uint8_t *input, size_t len) if (sd == NULL) { goto end; } + +#ifdef FUZZ_SEC_ACCESS_CHECK_DS + /* + * The sec_access_check_ds() function has two arguments not found in + * se_access_check, and also not found in our fuzzing examples. + * + * One is a struct object_tree, which is used for object ACE types. + * The other is a SID, which is used as a default if an ACE lacks a + * SID. + */ + sec_access_check_ds(sd, + &token, + access_desired, + &access_granted, + NULL, + NULL); +#else status = se_access_check(sd, &token, access_desired, &access_granted); +#endif + end: talloc_free(mem_ctx); return 0; diff --git a/lib/fuzzing/wscript_build b/lib/fuzzing/wscript_build index 7a138a47468..e0f4173b989 100644 --- a/lib/fuzzing/wscript_build +++ b/lib/fuzzing/wscript_build @@ -47,6 +47,12 @@ bld.SAMBA_BINARY('fuzz_sddl_access_check', deps='fuzzing samba-security afl-fuzz-main', fuzzer=True) +bld.SAMBA_BINARY('fuzz_sddl_access_check_ds', + cflags='-DFUZZ_SEC_ACCESS_CHECK_DS=1', + source='fuzz_sddl_access_check.c', + deps='fuzzing samba-security afl-fuzz-main', + fuzzer=True) + bld.SAMBA_BINARY('fuzz_regfio', source='fuzz_regfio.c', deps='fuzzing samba3-util smbconf REGFIO afl-fuzz-main',