The Samba-Bugzilla – Attachment 15157 Details for
Bug 13942
ASAN detected use after free samldb_rename_search_base_callback
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Proposed patch for V4.10
bug-13942-v4-10.patch.txt (text/plain), 1.59 KB, created by
Gary Lockyer
on 2019-05-15 21:20:43 UTC
(
hide
)
Description:
Proposed patch for V4.10
Filename:
MIME Type:
Creator:
Gary Lockyer
Created:
2019-05-15 21:20:43 UTC
Size:
1.59 KB
patch
obsolete
>From fc68eddf262898f3d9e95a328ea0a74b9d9c3986 Mon Sep 17 00:00:00 2001 >From: Gary Lockyer <gary@catalyst.net.nz> >Date: Tue, 14 May 2019 13:10:22 +1200 >Subject: [PATCH] s4 dsdb: fix use after free in > samldb_rename_search_base_callback > >Fix use after free detected by AddressSanitizer > >AddressSanitizer: heap-use-after-free on address 0x60f0002b2738 > at pc 0x7f89b1a213b5 bp 0x7ffce9528810 sp 0x7ffce9528800 > READ of size 8 at 0x60f0002b2738 thread T0 > #0 0x7f89b1a213b4 in samldb_rename_search_base_callback > ../../source4/dsdb/samdb/ldb_modules/samldb.c:4203 > #1 0x7f89d3a0db4a in ldb_module_send_entry > ../../lib/ldb/common/ldb_modules.c:793 > #2 0x7f89b6f27356 in es_callback > ../../source4/dsdb/samdb/ldb_modules/encrypted_secrets.c:1418 > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=13942 > >Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit b0cc6d217485c317b2138347216fac5d74684328) >--- > source4/dsdb/samdb/ldb_modules/samldb.c | 1 - > 1 file changed, 1 deletion(-) > >diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c >index e69228c32c7..c1188c432f6 100644 >--- a/source4/dsdb/samdb/ldb_modules/samldb.c >+++ b/source4/dsdb/samdb/ldb_modules/samldb.c >@@ -4063,7 +4063,6 @@ static int check_rename_constraints(struct ldb_message *msg, > if (samdb_find_attribute(ldb, msg, "objectclass", "subnet") != NULL) { > ret = samldb_verify_subnet(ac, newdn); > if (ret != LDB_SUCCESS) { >- talloc_free(ac); > return ret; > } > } >-- >2.17.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
abartlet
:
review+
gary
:
ci-passed+
Actions:
View
Attachments on
bug 13942
:
15144
| 15157