summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoseph Sutton <josephsutton@catalyst.net.nz>2022-02-16 12:43:52 +1300
committerJule Anger <janger@samba.org>2022-07-24 11:41:53 +0200
commit2869b5aa3148869edf0d079266542aef6e64608e (patch)
treebf91f65a32ebbf5fa5dd2b58f45650560295e9c3
parent0526d27e9eddd9c2a54434cf0dcdb136a6c659e4 (diff)
downloadsamba-2869b5aa3148869edf0d079266542aef6e64608e.tar.gz
CVE-2022-32746 ldb:rdn_name: Use LDB_FLAG_MOD_TYPE() for flags equality check
Now unrelated flags will no longer affect the result. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Diffstat
-rw-r--r--lib/ldb/modules/rdn_name.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/ldb/modules/rdn_name.c b/lib/ldb/modules/rdn_name.c
index e69ad9315ae..25cffe07591 100644
--- a/lib/ldb/modules/rdn_name.c
+++ b/lib/ldb/modules/rdn_name.c
@@ -545,7 +545,7 @@ static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req)
if (e != NULL) {
ldb_asprintf_errstring(ldb, "Modify of 'distinguishedName' on %s not permitted, must use 'rename' operation instead",
ldb_dn_get_linearized(req->op.mod.message->dn));
- if (e->flags == LDB_FLAG_MOD_REPLACE) {
+ if (LDB_FLAG_MOD_TYPE(e->flags) == LDB_FLAG_MOD_REPLACE) {
return LDB_ERR_CONSTRAINT_VIOLATION;
} else {
return LDB_ERR_UNWILLING_TO_PERFORM;
View Lorry Controller Status