44 lines
1.8 KiB
Diff
44 lines
1.8 KiB
Diff
From ebc2796a029b4dbe803457db0de9e999d1203460 Mon Sep 17 00:00:00 2001
|
|
From: Andrew Bartlett <abartlet@samba.org>
|
|
Date: Tue, 8 Aug 2023 11:18:46 +1200
|
|
Subject: [PATCH 21/28] CVE-2023-4154 dsdb/tests: Speed up DirSync test by only
|
|
checking positive matches once
|
|
|
|
When we (expect to) get back a result, do not waste time against a potentially
|
|
slow server confirming we also get back results for all the other attribute
|
|
combinations.
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
Conflict: NA
|
|
Reference: https://download.samba.org/pub/samba/patches/security/samba-4.18.8-security-2023-10-10.patch
|
|
[PATCH 21/28] CVE-2023-4154 dsdb/tests: Speed up DirSync test by only
|
|
checking positive matches once
|
|
---
|
|
source4/dsdb/tests/python/confidential_attr.py | 8 +++++++-
|
|
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/source4/dsdb/tests/python/confidential_attr.py b/source4/dsdb/tests/python/confidential_attr.py
|
|
index ee7f554a008..678a5a82948 100755
|
|
--- a/source4/dsdb/tests/python/confidential_attr.py
|
|
+++ b/source4/dsdb/tests/python/confidential_attr.py
|
|
@@ -742,7 +742,13 @@ class ConfidentialAttrTestDirsync(ConfidentialAttrCommon):
|
|
# want to weed out results from any previous test runs
|
|
search = "(&{0}{1})".format(expr, self.extra_filter)
|
|
|
|
- for attr in self.attr_filters:
|
|
+ # If we expect to return multiple results, only check the first
|
|
+ if expected_num > 0:
|
|
+ attr_filters = [self.attr_filters[0]]
|
|
+ else:
|
|
+ attr_filters = self.attr_filters
|
|
+
|
|
+ for attr in attr_filters:
|
|
res = samdb.search(base_dn, expression=search, scope=SCOPE_SUBTREE,
|
|
attrs=attr, controls=self.dirsync)
|
|
self.assertEqual(len(res), expected_num,
|
|
--
|
|
2.34.1
|