29 lines
1.1 KiB
Diff
29 lines
1.1 KiB
Diff
|
From 41b1fe6d4ae1f547b2f1a0ef8d1aee284b4ef93b Mon Sep 17 00:00:00 2001
|
||
|
|
From: Joseph Sutton <josephsutton@catalyst.net.nz>
|
||
|
|
Date: Wed, 16 Feb 2022 12:43:52 +1300
|
||
|
|
Subject: [PATCH] CVE-2022-32746 ldb:rdn_name: Use LDB_FLAG_MOD_TYPE() for
|
||
|
|
flags equality check
|
||
|
|
|
||
|
|
Now unrelated flags will no longer affect the result.
|
||
|
|
|
||
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009
|
||
|
|
|
||
|
|
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
|
||
|
|
---
|
||
|
|
lib/ldb/modules/rdn_name.c | 2 +-
|
||
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||
|
|
|
||
|
|
diff --git a/modules/rdn_name.c b/modules/rdn_name.c
|
||
|
|
index e69ad9315aec..25cffe07591a 100644
|
||
|
|
--- a/modules/rdn_name.c
|
||
|
|
+++ b/modules/rdn_name.c
|
||
|
|
@@ -545,7 +545,7 @@ static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req)
|
||
|
|
if (e != NULL) {
|
||
|
|
ldb_asprintf_errstring(ldb, "Modify of 'distinguishedName' on %s not permitted, must use 'rename' operation instead",
|
||
|
|
ldb_dn_get_linearized(req->op.mod.message->dn));
|
||
|
|
- if (e->flags == LDB_FLAG_MOD_REPLACE) {
|
||
|
|
+ if (LDB_FLAG_MOD_TYPE(e->flags) == LDB_FLAG_MOD_REPLACE) {
|
||
|
|
return LDB_ERR_CONSTRAINT_VIOLATION;
|
||
|
|
} else {
|
||
|
|
return LDB_ERR_UNWILLING_TO_PERFORM;
|