The Samba-Bugzilla – Attachment 8065 Details for
Bug 9263
input parameter validation is missing for UpdateRefs
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Good fix
0015-drsuapi-Validate-the-input-parameters-for-the-drsuap.patch (text/plain), 1.31 KB, created by
Matthieu Patou
on 2012-10-13 07:52:43 UTC
(
hide
)
Description:
Good fix
Filename:
MIME Type:
Creator:
Matthieu Patou
Created:
2012-10-13 07:52:43 UTC
Size:
1.31 KB
patch
obsolete
>From dc002a394b0e41254c061176f480b56a0ac4097d Mon Sep 17 00:00:00 2001 >From: Matthieu Patou <mat@matws.net> >Date: Thu, 27 Sep 2012 15:22:00 -0700 >Subject: [PATCH 15/20] drsuapi: Validate the input parameters for the > drsuapi_UpdateRefs function > >--- > source4/rpc_server/drsuapi/updaterefs.c | 16 ++++++++++++++++ > 1 file changed, 16 insertions(+) > >diff --git a/source4/rpc_server/drsuapi/updaterefs.c b/source4/rpc_server/drsuapi/updaterefs.c >index e82ae48..3cea1c4 100644 >--- a/source4/rpc_server/drsuapi/updaterefs.c >+++ b/source4/rpc_server/drsuapi/updaterefs.c >@@ -137,6 +137,22 @@ WERROR drsuapi_UpdateRefs(struct drsuapi_bind_state *b_state, TALLOC_CTX *mem_ct > req->options, > drs_ObjectIdentifier_to_string(mem_ctx, req->naming_context))); > >+ /* >+ * 4.1.26.2 Server Behavior of the IDL_DRSUpdateRefs Method >+ * Implements the input validation checks >+ */ >+ if (GUID_all_zero(&req->dest_dsa_guid)) { >+ return WERR_DS_DRA_INVALID_PARAMETER; >+ } >+ >+ if (req->dest_dsa_dns_name == NULL) { >+ return WERR_DS_DRA_INVALID_PARAMETER; >+ } >+ >+ if (!(req->options & (DRSUAPI_DRS_DEL_REF|DRSUAPI_DRS_ADD_REF))) { >+ return WERR_DS_DRA_INVALID_PARAMETER; >+ } >+ > dn = drs_ObjectIdentifier_to_dn(mem_ctx, sam_ctx, req->naming_context); > W_ERROR_HAVE_NO_MEMORY(dn); > ret = dsdb_find_nc_root(sam_ctx, dn, dn, &nc_root); >-- >1.7.9.5 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
abartlet
:
review+
Actions:
View
Attachments on
bug 9263
:
8064
| 8065