diff options
author | Michael Hanselmann <public@hansmi.ch> | 2019-03-17 13:49:20 +0100 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2019-04-02 09:10:56 +0000 |
commit | d4ef858ec112149f5ab5504d6367aa60d52446f5 (patch) | |
tree | 6871069db30448b0a42ae8d5323454f3db3b59ce /testdata | |
parent | bf6a85178205b777274136cd2c2ace62a8f1a17d (diff) | |
download | samba-d4ef858ec112149f5ab5504d6367aa60d52446f5.tar.gz |
regfio: Improve handling of malformed registry hive files
* next_record: A malformed file can lead to an endless loop.
* regfio_rootkey: Supplying a malformed registry hive file to the
registry hive I/O code can lead to out-of-bounds reads.
Test cases are included. Both issues resolved have been identified using
AddressSanitizer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13840
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 601afd690346087fbd53819dba9b1afa81560064)
Diffstat (limited to 'testdata')
-rw-r--r-- | testdata/samba3/regfio_corrupt_hbin1.dat | bin | 0 -> 5120 bytes |
-rw-r--r-- | testdata/samba3/regfio_corrupt_lf_subkeys.dat | bin | 0 -> 5120 bytes |
2 files changed, 0 insertions, 0 deletions
diff --git a/testdata/samba3/regfio_corrupt_hbin1.dat b/testdata/samba3/regfio_corrupt_hbin1.dat Binary files differnew file mode 100644 index 00000000000..e74d6784239 --- /dev/null +++ b/testdata/samba3/regfio_corrupt_hbin1.dat diff --git a/testdata/samba3/regfio_corrupt_lf_subkeys.dat b/testdata/samba3/regfio_corrupt_lf_subkeys.dat Binary files differnew file mode 100644 index 00000000000..c540051f7f1 --- /dev/null +++ b/testdata/samba3/regfio_corrupt_lf_subkeys.dat |