[PATCH] Fix crash on Samba AD DC LDAP server

Andrew Bartlett abartlet at samba.org
Mon Jun 24 06:19:07 MDT 2013 

On Mon, 2013-06-24 at 22:05 +1000, Andrew Bartlett wrote:
> On Sat, 2013-06-22 at 17:04 +1000, Andrew Bartlett wrote:
> > On Sat, 2013-06-22 at 08:20 +1000, Andrew Bartlett wrote:
> > > On Fri, 2013-06-21 at 00:55 -0700, Matthieu Patou wrote:
> > > > The patch is good but it means that the search will also never succeed.
> > > > 
> > > > you can add my review:
> > > > 
> > > > reviewed-by: Matthieu Patou <mat at matws.net>
> > > > 
> > > > Don't forget your sign-off !
> > > 
> > > Not succeeding seems to be the expected thing - attributes without
> > > values don't exist in LDAP.
> > > 
> > > I'll get this in, and in the meanwhile I'm trying to figure out how to
> > > write a test for this.
> > 
> > Tests and fixes for ldb and libcli/ldap (needed for the tests) are
> > attached. 
> > 
> > Please review.
> > 
> > Thanks,
> 
> Additionally this patch bumps the ldb version number.
> 
> Please also review this.

Attached is the full patch set fixing the crash/DoS issue.  As we have
the release freeze for 4.0 tomorrow, I would very much appreciate it if
someone could please review these changes for me, so we can include it.
We have not decided to do a distinct release as it is 'only' an
authenticated DoS, but we should not miss this scheduled release either.

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-ldb-Cope-with-substring-match-with-no-chunks-in-ldb_.patch
Type: text/x-patch
Size: 1068 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130624/a2f34c08/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-ldb-bump-version-to-allow-a-depencency-on-the-substr.patch
Type: text/x-patch
Size: 21956 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130624/a2f34c08/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-libcli-ldap-Cope-with-substring-match-with-no-chunks.patch
Type: text/x-patch
Size: 2185 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130624/a2f34c08/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0004-torture-Add-tests-for-LDAP-substring-search-with-no-.patch
Type: text/x-patch
Size: 4591 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130624/a2f34c08/attachment-0003.bin>

More information about the samba-technical mailing list