CVE-2021-3670 ldap_server: Ensure value of MaxQueryDuration is greater than zero

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14694 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
author: Joseph Sutton <josephsutton@catalyst.net.nz> 2021-09-28 17:20:43 +1300
committer: Douglas Bagnall <dbagnall@samba.org> 2021-11-25 01:41:30 +0000
commit: e1ab0c43629686d1d2c0b0b2bcdc90057a792049 (patch)
tree: 0398b0b725f964610b0a4017d7b635429bbbdc2f
parent: 86fe9d48883f87c928bf31ccbd275db420386803 (diff)
download: samba-e1ab0c43629686d1d2c0b0b2bcdc90057a792049.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index ce4fd4f41d6..fbea5859756 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -255,7 +255,9 @@ static int ldapsrv_load_limits(struct ldapsrv_connection *conn)
 			continue;
 		}
 		if (strcasecmp("MaxQueryDuration", policy_name) == 0) {
-			conn->limits.search_timeout = policy_value;
+			if (policy_value > 0) {
+				conn->limits.search_timeout = policy_value;
+			}
 			continue;
 		}
 	}
author	Joseph Sutton <josephsutton@catalyst.net.nz>	2021-09-28 17:20:43 +1300
committer	Douglas Bagnall <dbagnall@samba.org>	2021-11-25 01:41:30 +0000
commit	e1ab0c43629686d1d2c0b0b2bcdc90057a792049 (patch)
tree	0398b0b725f964610b0a4017d7b635429bbbdc2f
parent	86fe9d48883f87c928bf31ccbd275db420386803 (diff)
download	samba-e1ab0c43629686d1d2c0b0b2bcdc90057a792049.tar.gz