diff options
author | Michael Hanselmann <public@hansmi.ch> | 2019-03-17 13:49:20 +0100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2019-03-20 05:26:18 +0000 |
commit | 601afd690346087fbd53819dba9b1afa81560064 (patch) | |
tree | 1d1396642cd1df0b0bd14dd3e55af2c8d31d31ae /testdata | |
parent | 9b2cb845b23cd1c91ab3b5ea8ad791b18b3ab733 (diff) | |
download | samba-601afd690346087fbd53819dba9b1afa81560064.tar.gz |
regfio: Improve handling of malformed registry hive files
* next_record: A malformed file can lead to an endless loop.
* regfio_rootkey: Supplying a malformed registry hive file to the
registry hive I/O code can lead to out-of-bounds reads.
Test cases are included. Both issues resolved have been identified using
AddressSanitizer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13840
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'testdata')
-rw-r--r-- | testdata/samba3/regfio_corrupt_hbin1.dat | bin | 0 -> 5120 bytes |
-rw-r--r-- | testdata/samba3/regfio_corrupt_lf_subkeys.dat | bin | 0 -> 5120 bytes |
2 files changed, 0 insertions, 0 deletions
diff --git a/testdata/samba3/regfio_corrupt_hbin1.dat b/testdata/samba3/regfio_corrupt_hbin1.dat Binary files differnew file mode 100644 index 00000000000..e74d6784239 --- /dev/null +++ b/testdata/samba3/regfio_corrupt_hbin1.dat diff --git a/testdata/samba3/regfio_corrupt_lf_subkeys.dat b/testdata/samba3/regfio_corrupt_lf_subkeys.dat Binary files differnew file mode 100644 index 00000000000..c540051f7f1 --- /dev/null +++ b/testdata/samba3/regfio_corrupt_lf_subkeys.dat |