summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules/password_hash.c
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-06-30 14:21:51 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-07-01 03:55:00 +0200
commitf3c3768d30410de8b0cc8b2ef078640bdc0864d4 (patch)
treed9e31e3ade9aefdea99c47e251c923785b5391f3 /source4/dsdb/samdb/ldb_modules/password_hash.c
parentf1b1a66615bfceb4d53c11140aceba2412d0ec37 (diff)
downloadsamba-f3c3768d30410de8b0cc8b2ef078640bdc0864d4.tar.gz
samba-f3c3768d30410de8b0cc8b2ef078640bdc0864d4.tar.bz2
samba-f3c3768d30410de8b0cc8b2ef078640bdc0864d4.zip
s4-dsdb guard principalName parse for invalid inputs
We need to ensure that if this parses name.name_string as just one val, then we don't read uninitialised and possibly unallocated memory. Found by Adam Thorn <alt36@cam.ac.uk> While we are checking that, we need to fix the strncasecmp() check to first check if the string is the expected length, then check for a match against sAMAccountName-without-doller, as otherwise we will permit a string such as machinefoo to match a sAMAccountName of machine. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Jul 1 03:55:00 CEST 2011 on sn-devel-104
Diffstat (limited to 'source4/dsdb/samdb/ldb_modules/password_hash.c')
0 files changed, 0 insertions, 0 deletions