samba/CVE-2018-16857-8.patch

From d12b02c78842786969557b9be7c953e9594d90dd Mon Sep 17 00:00:00 2001
From: Tim Beale <timbeale@catalyst.net.nz>
Date: Tue, 13 Nov 2018 13:19:04 +1300
Subject: [PATCH 16/17] CVE-2018-16857 dsdb/util: Fix lockOutObservationWindow
 for PSOs

Fix a remaining place where we were trying to read the
msDS-LockoutObservationWindow as an int instead of an int64.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 selftest/knownfail.d/password_lockout | 2 --
 source4/dsdb/common/util.c            | 6 +++---
 2 files changed, 3 insertions(+), 5 deletions(-)
 delete mode 100644 selftest/knownfail.d/password_lockout

diff --git a/selftest/knownfail.d/password_lockout b/selftest/knownfail.d/password_lockout
deleted file mode 100644
index a4e37a84c21..00000000000
--- a/selftest/knownfail.d/password_lockout
+++ /dev/null
@@ -1,2 +0,0 @@
-samba4.ldap.password_lockout.python\(ad_dc_ntvfs\).__main__.PasswordTestsWithDefaults.test_pso_login_lockout_krb5\(ad_dc_ntvfs\)
-samba4.ldap.password_lockout.python\(ad_dc_ntvfs\).__main__.PasswordTestsWithDefaults.test_pso_login_lockout_ntlm\(ad_dc_ntvfs\)
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 438a29e1773..8d863f85a29 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -5361,9 +5361,9 @@ int samdb_result_effective_badPwdCount(struct ldb_context *sam_ldb,
 
 	if (res != NULL) {
 		lockOutObservationWindow =
-			ldb_msg_find_attr_as_int(res->msgs[0],
-						 "msDS-LockoutObservationWindow",
-						  0);
+			ldb_msg_find_attr_as_int64(res->msgs[0],
+						   "msDS-LockoutObservationWindow",
+						    0);
 		talloc_free(res);
 	} else {
 
-- 
2.17.1
Package init 2019-12-25 16:07:00 +08:00			`From d12b02c78842786969557b9be7c953e9594d90dd Mon Sep 17 00:00:00 2001`
			`From: Tim Beale <timbeale@catalyst.net.nz>`
			`Date: Tue, 13 Nov 2018 13:19:04 +1300`
			`Subject: [PATCH 16/17] CVE-2018-16857 dsdb/util: Fix lockOutObservationWindow`
			`for PSOs`

			`Fix a remaining place where we were trying to read the`
			`msDS-LockoutObservationWindow as an int instead of an int64.`

			`BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683`

			`Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>`
			`Reviewed-by: Andrew Bartlett <abartlet@samba.org>`
			`---`
			`selftest/knownfail.d/password_lockout \| 2 --`
			`source4/dsdb/common/util.c \| 6 +++---`
			`2 files changed, 3 insertions(+), 5 deletions(-)`
			`delete mode 100644 selftest/knownfail.d/password_lockout`

			`diff --git a/selftest/knownfail.d/password_lockout b/selftest/knownfail.d/password_lockout`
			`deleted file mode 100644`
			`index a4e37a84c21..00000000000`
			`--- a/selftest/knownfail.d/password_lockout`
			`+++ /dev/null`
			`@@ -1,2 +0,0 @@`
			`-samba4.ldap.password_lockout.python\(ad_dc_ntvfs\).__main__.PasswordTestsWithDefaults.test_pso_login_lockout_krb5\(ad_dc_ntvfs\)`
			`-samba4.ldap.password_lockout.python\(ad_dc_ntvfs\).__main__.PasswordTestsWithDefaults.test_pso_login_lockout_ntlm\(ad_dc_ntvfs\)`
			`diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c`
			`index 438a29e1773..8d863f85a29 100644`
			`--- a/source4/dsdb/common/util.c`
			`+++ b/source4/dsdb/common/util.c`
			`@@ -5361,9 +5361,9 @@ int samdb_result_effective_badPwdCount(struct ldb_context *sam_ldb,`

			`if (res != NULL) {`
			`lockOutObservationWindow =`
			`- ldb_msg_find_attr_as_int(res->msgs[0],`
			`- "msDS-LockoutObservationWindow",`
			`- 0);`
			`+ ldb_msg_find_attr_as_int64(res->msgs[0],`
			`+ "msDS-LockoutObservationWindow",`
			`+ 0);`
			`talloc_free(res);`
			`} else {`

			`--`
			`2.17.1`