samba/backport-0008-CVE-2023-4154.patch

From 217b30b05e24b66a427d9cc605141f917b88745c Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 17 Mar 2023 14:08:34 +0100
Subject: [PATCH 13/28] CVE-2023-4154 python/samba/ndr: add ndr_deepcopy()
 helper

This uses ndr_pack/unpack in order to create a deep copy
of the given object.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

(cherry picked from commit 4627997ddae44265ad35b3234232eb74458c6c34)

Conflict: NA
Reference: https://download.samba.org/pub/samba/patches/security/samba-4.18.8-security-2023-10-10.patch
[PATCH 13/28] CVE-2023-4154 python/samba/ndr: add ndr_deepcopy()
 helper
---
 python/samba/ndr.py | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/python/samba/ndr.py b/python/samba/ndr.py
index 35b2414e8ae..8369abfb2d0 100644
--- a/python/samba/ndr.py
+++ b/python/samba/ndr.py
@@ -56,6 +56,25 @@ def ndr_print(object):
     return ndr_print()
 
 
+def ndr_deepcopy(object):
+    """Create a deep copy of a NDR object, using pack/unpack
+
+    :param object: Object to copy
+    :return: The object copy
+    """
+    ndr_pack = getattr(object, "__ndr_pack__", None)
+    if ndr_pack is None:
+        raise TypeError("%r is not a NDR object" % object)
+    data = ndr_pack()
+    cls = type(object)
+    copy = cls()
+    ndr_unpack = getattr(copy, "__ndr_unpack__", None)
+    if ndr_unpack is None:
+        raise TypeError("%r is not a NDR object" % copy)
+    ndr_unpack(data, allow_remaining=False)
+    return copy
+
+
 def ndr_pack_in(object, bigendian=False, ndr64=False):
     """Pack the input of an NDR function object.
 
-- 
2.34.1