Attachment 15372 Details for Bug 14067 – patch that shifts the problem, avoiding the crash but defeating legitimate use

[patch] patch that shifts the problem, avoiding the crash but defeating legitimate use

0001-py_security-don-t-crash-on-dacl_add.patch (text/plain), 1.25 KB, created by Douglas Bagnall on 2019-08-04 10:48:41 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Douglas Bagnall

Created: 2019-08-04 10:48:41 UTC

Size: 1.25 KB

patch

obsolete

>From ce67c71d32e1daf5abaf1852088c16b1cb2f8cd8 Mon Sep 17 00:00:00 2001
>From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
>Date: Fri, 2 Aug 2019 23:36:11 +1200
>Subject: [PATCH] py_security: don't crash on dacl_add()
>
>$ PYTHONPATH=bin/python python3 -c'from samba.dcerpc import security;security.descriptor().dacl_add(1)'
>
>would crash. We need to check the type of the argument.
>
>Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
>---
> source4/librpc/ndr/py_security.c | 9 +++++++--
> 1 file changed, 7 insertions(+), 2 deletions(-)
>
>diff --git a/source4/librpc/ndr/py_security.c b/source4/librpc/ndr/py_security.c
>index 26989c1a433..750fb54fd4e 100644
>--- a/source4/librpc/ndr/py_security.c
>+++ b/source4/librpc/ndr/py_security.c
>@@ -195,8 +195,13 @@ static PyObject *py_descriptor_dacl_add(PyObject *self, PyObject *args)
> 	if (!PyArg_ParseTuple(args, "O", &py_ace))
> 		return NULL;
> 
>-	ace = pytalloc_get_ptr(py_ace);
>-
>+	ace = pytalloc_get_type(py_ace, struct security_ace);
>+	if (ace == NULL) {
>+		PyErr_Format(PyExc_TypeError,
>+			     "Expected security ACE object, not %s",
>+			     pytalloc_get_name(py_ace));
>+		return NULL;
>+	}
> 	status = security_descriptor_dacl_add(desc, ace);
> 	PyErr_NTSTATUS_IS_ERR_RAISE(status);
> 	Py_RETURN_NONE;
>-- 
>2.20.1
>

Actions: View

Attachments on bug 14067: 15372