diff options
author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-01-18 12:02:45 +1300 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2022-01-30 14:05:32 +0100 |
commit | 2802b7d8f3f77a639d0d69bced528f328655750b (patch) | |
tree | 6af768b1ee338cb23bfa11bca69d0c8e767291d2 | |
parent | 7368e0051a320fce48c1f303914b62985a40beb0 (diff) | |
download | samba-2802b7d8f3f77a639d0d69bced528f328655750b.tar.gz |
CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is re-added to an object
If an added SPN already exists on an object, we still want to check the
rest of the element values for conflicts.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14950
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
-rw-r--r-- | selftest/knownfail.d/ldap_spn | 1 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 3 |
2 files changed, 1 insertions, 3 deletions
diff --git a/selftest/knownfail.d/ldap_spn b/selftest/knownfail.d/ldap_spn index 16dafa91b66..63f9fe02ef7 100644 --- a/selftest/knownfail.d/ldap_spn +++ b/selftest/knownfail.d/ldap_spn @@ -1,2 +1 @@ samba.tests.ldap_spn.+LdapSpnTest.test_spn_dodgy_spns -samba.tests.ldap_spn.+LdapSpnSambaOnlyTest.test_spn_add_a_conflict_along_with_a_re_added_SPN diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index f0227411ccd..a219446bba7 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -4001,8 +4001,7 @@ static int samldb_spn_uniqueness_check(struct samldb_ctx *ac, ac->msg->dn); if (ret == LDB_ERR_COMPARE_TRUE) { DBG_INFO("SPN %s re-added to the same object\n", spn); - talloc_free(tmp_ctx); - return LDB_SUCCESS; + continue; } if (ret != LDB_SUCCESS) { DBG_ERR("SPN %s failed direct uniqueness check\n", spn); |