diff options
author | Douglas Bagnall <douglas.bagnall@catalyst.net.nz> | 2020-06-11 17:38:51 +1200 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2020-06-30 12:52:13 +0200 |
commit | ddd3ed7ce2e2776839c463010bd975f01dd0977d (patch) | |
tree | 4a34f16722ffad35b1c04d5efe42e68579685557 /source4/selftest | |
parent | c9fd1dbb13175fcda45826f687e834a6d67df4cc (diff) | |
download | samba-ddd3ed7ce2e2776839c463010bd975f01dd0977d.tar.gz |
CVE-2020-10745: pytests: hand-rolled invalid dns/nbt packet tests
The client libraries don't allow us to make packets that are broken in
certain ways, so we need to construct them as byte strings.
These tests all fail at present, proving the server is rendered
unresponsive, which is the crux of CVE-2020-10745.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Diffstat (limited to 'source4/selftest')
-rwxr-xr-x | source4/selftest/tests.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py index f7645365384..6281b7e8f12 100755 --- a/source4/selftest/tests.py +++ b/source4/selftest/tests.py @@ -421,6 +421,16 @@ plantestsuite_loadlist("samba.tests.dns_wildcard", "ad_dc", [python, os.path.joi plantestsuite_loadlist("samba.tests.dns_invalid", "ad_dc", [python, os.path.join(srcdir(), "python/samba/tests/dns_invalid.py"), '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT']) +plantestsuite_loadlist("samba.tests.dns_packet", + "ad_dc", + [python, + '-msamba.subunit.run', + '$LOADLIST', + "$LISTOPT" + "samba.tests.dns_packet" + ]) + + for t in smbtorture4_testsuites("dns_internal."): plansmbtorture4testsuite(t, "ad_dc_default:local", '//$SERVER/whavever') |