packages/libldb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libldb/backport-0002-CVE-2023-0614.patch
xinghe c031196b56 fix CVE-2023-0614
2023-04-01 01:31:54 +00:00

73 lines
2.3 KiB
Diff
Raw Blame History

From b01d3ae3261264236504475a26c54ab45dd2175f Mon Sep 17 00:00:00 2001
From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Fri, 27 Jan 2023 08:28:36 +1300
Subject: [PATCH 05/34] CVE-2023-0614 ldb: Add functions for handling
inaccessible message elements
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Conflict: NA
Reference: https://attachments.samba.org/attachment.cgi?id=17821
---
common/ldb_msg.c | 26 ++++++++++++++++++++++++++
include/ldb_module.h | 4 ++++
2 files changed, 30 insertions(+)
diff --git a/common/ldb_msg.c b/common/ldb_msg.c
index 9cd7998e21c..cbc7e32b2ba 100644
--- a/common/ldb_msg.c
+++ b/common/ldb_msg.c
@@ -795,6 +795,32 @@ int ldb_msg_element_compare_name(struct ldb_message_element *el1,
return ldb_attr_cmp(el1->name, el2->name);
}
+void ldb_msg_element_mark_inaccessible(struct ldb_message_element *el)
+{
+ el->flags |= LDB_FLAG_INTERNAL_INACCESSIBLE_ATTRIBUTE;
+}
+
+bool ldb_msg_element_is_inaccessible(const struct ldb_message_element *el)
+{
+ return (el->flags & LDB_FLAG_INTERNAL_INACCESSIBLE_ATTRIBUTE) != 0;
+}
+
+void ldb_msg_remove_inaccessible(struct ldb_message *msg)
+{
+ unsigned i;
+ unsigned num_del = 0;
+
+ for (i = 0; i < msg->num_elements; ++i) {
+ if (ldb_msg_element_is_inaccessible(&msg->elements[i])) {
+ ++num_del;
+ } else if (num_del) {
+ msg->elements[i - num_del] = msg->elements[i];
+ }
+ }
+
+ msg->num_elements -= num_del;
+}
+
/*
convenience functions to return common types from a message
these return the first value if the attribute is multi-valued
diff --git a/include/ldb_module.h b/include/ldb_module.h
index 4c7c85a17f0..8481fd3991a 100644
--- a/include/ldb_module.h
+++ b/include/ldb_module.h
@@ -513,6 +513,10 @@ struct ldb_extended_match_rule
int ldb_register_extended_match_rule(struct ldb_context *ldb,
const struct ldb_extended_match_rule *rule);
+void ldb_msg_element_mark_inaccessible(struct ldb_message_element *el);
+bool ldb_msg_element_is_inaccessible(const struct ldb_message_element *el);
+void ldb_msg_remove_inaccessible(struct ldb_message *msg);
+
/*
* these pack/unpack functions are exposed in the library for use by
* ldb tools like ldbdump and for use in tests,
--
2.25.1
Reference in New Issue View Git Blame Copy Permalink