The Samba-Bugzilla – Attachment 16154 Details for Bug 14452: witness.idl has wrong types for witness_IPaddrInfo, causing fuzz crash
[patch]
the likely fix
0001-idl-fix-witness-IPaddrInfo-struct.patch (text/plain), 1.24 KB, created by
Douglas Bagnall
on 2020-07-30 05:30:08 UTC
>From ff56f83c0c8874486239172b4c0cc6549e09dca0 Mon Sep 17 00:00:00 2001 >From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> >Date: Thu, 30 Jul 2020 17:21:22 +1200 >Subject: [PATCH] idl: fix witness IPaddrInfo struct > >These are inline values of fixed size; ipv{4,6}address indicates a >pointer to a string representation. > >See [MS-SWN] 2.2.2.1 > >https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-swn/eca3e933-07fe-42e6-8ddf-5fc5523210db > >Credit to OSS-Fuzz. > >REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22175&q=label%3AProj-samba >Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> >--- > librpc/idl/witness.idl | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > >diff --git a/librpc/idl/witness.idl b/librpc/idl/witness.idl >index e230a5ea709..ea738c5c0e9 100644 >--- a/librpc/idl/witness.idl >+++ b/librpc/idl/witness.idl >@@ -100,8 +100,8 @@ interface witness > > typedef [flag(NDR_NOALIGN|NDR_LITTLE_ENDIAN),gensize] struct { > witness_IPaddrInfo_flags flags; >- [flag(NDR_BIG_ENDIAN)] ipv4address ipv4; >- [flag(NDR_BIG_ENDIAN)] ipv6address ipv6; >+ [flag(NDR_BIG_ENDIAN)] uint8 ipv4[4]; >+ [flag(NDR_BIG_ENDIAN)] uint8 ipv6[16]; > } witness_IPaddrInfo; > > typedef [flag(NDR_NOALIGN|NDR_LITTLE_ENDIAN)] struct { >-- >2.25.1 >
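Review bot: on the two added lines, [flag(NDR_BIG_ENDIAN)] is carried over onto "uint8 ipv4[4]" and "uint8 ipv6[16]", where it has no effect, because single-byte elements have no byte order; drop the flag, or replace it with a comment that the bytes are stored in network order. The change also alters the field types seen by every consumer of witness_IPaddrInfo, yet the diffstat lists only librpc/idl/witness.idl, so any code that reads or sets ipv4/ipv6 through the previous ipv4address/ipv6address types would need updating in the same commit. The commit message credits OSS-Fuzz but does not say which code path crashed or why the old types caused it; one sentence on that, plus the fuzz input as a regression test, would let a reviewer confirm the fix addresses the crash.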
Flags: metze: review-