The Samba-Bugzilla – Attachment 15372 Details for
Bug 14067
crash in security.descriptor().dacl_add(1): need real python types
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch that shifts the problem, avoiding the crash but defeating legitimate use
0001-py_security-don-t-crash-on-dacl_add.patch (text/plain), 1.25 KB, created by
Douglas Bagnall
on 2019-08-04 10:48:41 UTC
(
hide
)
Description:
patch that shifts the problem, avoiding the crash but defeating legitimate use
Filename:
MIME Type:
Creator:
Douglas Bagnall
Created:
2019-08-04 10:48:41 UTC
Size:
1.25 KB
patch
obsolete
>From ce67c71d32e1daf5abaf1852088c16b1cb2f8cd8 Mon Sep 17 00:00:00 2001 >From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> >Date: Fri, 2 Aug 2019 23:36:11 +1200 >Subject: [PATCH] py_security: don't crash on dacl_add() > >$ PYTHONPATH=bin/python python3 -c'from samba.dcerpc import security;security.descriptor().dacl_add(1)' > >would crash. We need to check the type of the argument. > >Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> >--- > source4/librpc/ndr/py_security.c | 9 +++++++-- > 1 file changed, 7 insertions(+), 2 deletions(-) > >diff --git a/source4/librpc/ndr/py_security.c b/source4/librpc/ndr/py_security.c >index 26989c1a433..750fb54fd4e 100644 >--- a/source4/librpc/ndr/py_security.c >+++ b/source4/librpc/ndr/py_security.c >@@ -195,8 +195,13 @@ static PyObject *py_descriptor_dacl_add(PyObject *self, PyObject *args) > if (!PyArg_ParseTuple(args, "O", &py_ace)) > return NULL; > >- ace = pytalloc_get_ptr(py_ace); >- >+ ace = pytalloc_get_type(py_ace, struct security_ace); >+ if (ace == NULL) { >+ PyErr_Format(PyExc_TypeError, >+ "Expected security ACE object, not %s", >+ pytalloc_get_name(py_ace)); >+ return NULL; >+ } > status = security_descriptor_dacl_add(desc, ace); > PyErr_NTSTATUS_IS_ERR_RAISE(status); > Py_RETURN_NONE; >-- >2.20.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 14067
: 15372