diff options
author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-02-16 12:43:52 +1300 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2022-07-24 11:41:53 +0200 |
commit | 2869b5aa3148869edf0d079266542aef6e64608e (patch) | |
tree | bf91f65a32ebbf5fa5dd2b58f45650560295e9c3 | |
parent | 0526d27e9eddd9c2a54434cf0dcdb136a6c659e4 (diff) | |
download | samba-2869b5aa3148869edf0d079266542aef6e64608e.tar.gz |
CVE-2022-32746 ldb:rdn_name: Use LDB_FLAG_MOD_TYPE() for flags equality check
Now unrelated flags will no longer affect the result.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
-rw-r--r-- | lib/ldb/modules/rdn_name.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/ldb/modules/rdn_name.c b/lib/ldb/modules/rdn_name.c index e69ad9315ae..25cffe07591 100644 --- a/lib/ldb/modules/rdn_name.c +++ b/lib/ldb/modules/rdn_name.c @@ -545,7 +545,7 @@ static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req) if (e != NULL) { ldb_asprintf_errstring(ldb, "Modify of 'distinguishedName' on %s not permitted, must use 'rename' operation instead", ldb_dn_get_linearized(req->op.mod.message->dn)); - if (e->flags == LDB_FLAG_MOD_REPLACE) { + if (LDB_FLAG_MOD_TYPE(e->flags) == LDB_FLAG_MOD_REPLACE) { return LDB_ERR_CONSTRAINT_VIOLATION; } else { return LDB_ERR_UNWILLING_TO_PERFORM; |