packages/samba
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
samba/backport-0014-CVE-2023-4154.patch

45 lines
2.1 KiB
Diff
Raw Blame History

From 23031057e8626e61994bf833226c196e0d966e63 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 7 Aug 2023 14:44:28 +1200
Subject: [PATCH 19/28] CVE-2023-4154 dsdb/tests: Force the test attribute to
be not-confidential at the start
Rather than fail, if the last run failed to reset things, just force
the DC into the required state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Conflict: NA
Reference: https://download.samba.org/pub/samba/patches/security/samba-4.18.8-security-2023-10-10.patch
[PATCH 19/28] CVE-2023-4154 dsdb/tests: Force the test attribute to
be not-confidential at the start
---
source4/dsdb/tests/python/confidential_attr.py | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/source4/dsdb/tests/python/confidential_attr.py b/source4/dsdb/tests/python/confidential_attr.py
index 3997848f8f9..ee7f554a008 100755
--- a/source4/dsdb/tests/python/confidential_attr.py
+++ b/source4/dsdb/tests/python/confidential_attr.py
@@ -136,10 +136,12 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
# sanity-check the flag is not already set (this'll cause problems if
# previous test run didn't clean up properly)
- search_flags = self.get_attr_search_flags(self.attr_dn)
- self.assertEqual(0, int(search_flags) & SEARCH_FLAG_CONFIDENTIAL,
- "{0} searchFlags already {1}".format(self.conf_attr,
- search_flags))
+ search_flags = int(self.get_attr_search_flags(self.attr_dn))
+ if search_flags & SEARCH_FLAG_CONFIDENTIAL:
+ self.set_attr_search_flags(self.attr_dn, str(search_flags &~ SEARCH_FLAG_CONFIDENTIAL))
+ search_flags = int(self.get_attr_search_flags(self.attr_dn))
+ self.assertEqual(0, search_flags & SEARCH_FLAG_CONFIDENTIAL,
+ f"{self.conf_attr} searchFlags did not reset to omit SEARCH_FLAG_CONFIDENTIAL ({search_flags})")
def add_attr(self, dn, attr, value):
m = Message()
--
2.34.1
Reference in New Issue View Git Blame Copy Permalink