diff options
author | Gary Lockyer <gary@catalyst.net.nz> | 2020-04-08 08:49:23 +1200 |
---|---|---|
committer | Gary Lockyer <gary@samba.org> | 2020-05-04 02:59:32 +0000 |
commit | 3149ea0a8aada3b03d1ca0af2e3a0f6304cda43b (patch) | |
tree | fec0faa865f27affacdae3036c1c5e2daf6655fd /docs-xml/smbdotconf | |
parent | 28ee4acc8347299cb41119012d9256d48c92cc5c (diff) | |
download | samba-3149ea0a8aada3b03d1ca0af2e3a0f6304cda43b.tar.gz |
CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode
Add search request size limits to ldap_decode calls.
The ldap server uses the smb.conf variable
"ldap max search request size" which defaults to 250Kb.
For cldap the limit is hard coded as 4096.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'docs-xml/smbdotconf')
-rw-r--r-- | docs-xml/smbdotconf/ldap/ldapmaxsearchrequest.xml | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/ldap/ldapmaxsearchrequest.xml b/docs-xml/smbdotconf/ldap/ldapmaxsearchrequest.xml new file mode 100644 index 00000000000..ebeb0816c01 --- /dev/null +++ b/docs-xml/smbdotconf/ldap/ldapmaxsearchrequest.xml @@ -0,0 +1,18 @@ +<samba:parameter name="ldap max search request size" + context="G" + type="integer" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para> + This parameter specifies the maximum permitted size (in bytes) + for an LDAP search request. + </para> + + <para> + If the request size exceeds this limit the request will be + rejected. + </para> +</description> +<value type="default">256000</value> +<value type="example">4194304</value> +</samba:parameter> |