]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b49c87f) | patch
CVE-2018-16851 ldap_server: Check ret before manipulating blob
authorGarming Sam <garming@catalyst.net.nz>
Mon, 5 Nov 2018 03:18:18 +0000 (16:18 +1300)
committerKarolin Seeger <kseeger@samba.org>
Mon, 26 Nov 2018 08:38:10 +0000 (09:38 +0100)
commitac0b38fb285fad3165560a26afeeeaf23d850c1c
treecbc12b28c8b7cf4450c0b2f1c1b6ae57996c0994tree
parentb49c87f8d64677390e5c4c6698b95beb74468653commit | diff
CVE-2018-16851 ldap_server: Check ret before manipulating blob

In the case of hitting the talloc ~256MB limit, this causes a crash in
the server.

Note that you would actually need to load >256MB of data into the LDAP.
Although there is some generated/hidden data which would help you reach that
limit (descriptors and RMD blobs).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13674

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/ldap_server/ldap_server.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git