Bug 13367 - samldb_add_handle_msDS_IntId() can generate a random msDS-IntId value and use it without ensuring it doesn't already exist.
samldb_add_handle_msDS_IntId() can generate a random msDS-IntId value and use...
Status: RESOLVED FIXED
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB
unspecified
All All
: P5 normal
: ---
Assigned To: Karolin Seeger
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-04-03 22:41 UTC by Jeremy Allison
Modified: 2018-04-12 06:52 UTC (History)
3 users (show)

See Also:


Attachments
git-am fix for 4.8.next, 4.7.next. (1.20 KB, patch)
2018-04-06 00:11 UTC, Jeremy Allison
vl: review+
jra: review? (metze)
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Jeremy Allison 2018-04-03 22:41:36 UTC
Logic error in samldb_add_handle_msDS_IntId() could allow a random msds_intid value to be generated and used without checking if it already exists in the schema.

Patch (from Volker) to follow.
Comment 1 Jeremy Allison 2018-04-06 00:11:38 UTC
Created attachment 14105 [details]
git-am fix for 4.8.next, 4.7.next.

Cherry-picked from master.
Comment 2 Karolin Seeger 2018-04-10 07:35:51 UTC
Pushed to autobuild-v4-[7,8]-test.
Comment 3 Karolin Seeger 2018-04-12 06:52:44 UTC
(In reply to Karolin Seeger from comment #2)
Pushed to both branches.
Closing out bug report.

Thanks!