delta/samba.git - git.samba.org: samba.git

diff options

author	Douglas Bagnall <douglas.bagnall@catalyst.net.nz>	2020-01-19 15:08:58 +1300
committer	Andrew Bartlett <abartlet@samba.org>	2020-02-07 10:19:39 +0000
commit	3bc7acc62646b105b03fd3c65e9170a373f95392 (patch)
tree	ac070b3a58773ad85ab7558960458aba220091ed /python/samba/tests/dsdb.py
parent	91d4e79c279283dd6fc953a274b02b1957db84d8 (diff)
download	samba-3bc7acc62646b105b03fd3c65e9170a373f95392.tar.gz

nmblib: avoid undefined behaviour in handle_name_ptrs()

If *offset is length - 1, we would read ubuf[(*offset)+1] as the lower bits of the new *offset. This value is undefined, but because it is checked against the valid range, there is no way to read further beyond that one byte. Credit to oss-fuzz. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14242 OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20193 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Feb 7 10:19:39 UTC 2020 on sn-devel-184

Diffstat (limited to 'python/samba/tests/dsdb.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: