Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix bug #7669. | Jeremy Allison | 2010-09-15 | 2 | -0/+8 |
| | | | | | | | | | | | | | | | | | | | | | | | | | Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in Samba4). CVE-2010-3069: =========== Description =========== All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server. A connection to a file share is needed to exploit this vulnerability, either authenticated or unauthenticated (guest connection). (cherry picked from commit df20a300758bc12286820e31fcf573bdfc2147bc) | ||||
* | error-codes: add some more WERRORs to table. | Günther Deschner | 2009-05-13 | 1 | -0/+2 |
| | | | | | | | These tables really should be auto-generated at some point... Guenther (cherry picked from commit aa84ca6e6ba66536ca32dc5792d27e2169589a14) | ||||
* | error-codes: add some more group specific windows error codes. | Günther Deschner | 2009-05-05 | 2 | -0/+6 |
| | | | | | Guenther (cherry picked from commit e7a8577df1e92982ff717a62280f86e3b0384d54) | ||||
* | error-codes: add WERR_CM_INVALID_POINTER. | Günther Deschner | 2009-04-10 | 1 | -0/+1 |
| | | | | | Guenther (cherry picked from commit 43eb50655e71e5f407ffbd7069cc2d45a3b478b6) | ||||
* | error-codes: add some service related error codes. | Günther Deschner | 2009-04-08 | 2 | -0/+6 |
| | | | | | | | Patch initially from: Danny Tylman <danny.tylman@insightix.com> Guenther (cherry picked from commit cc98d3ae9f5c1aa29a6ccda2f88351431849e9fd) | ||||
* | error-codes: add WERR_DS_DRA_SOURCE_DISABLED. | Günther Deschner | 2009-03-26 | 2 | -0/+2 |
| | | | | | Guenther (cherry picked from commit 5603c0f2ba9d5b90e5f8b71e779ec037053f04f8) | ||||
* | error-codes: add WERR_DEVICE_NOT_CONNECTED. | Günther Deschner | 2009-03-02 | 2 | -0/+2 |
| | | | | Guenther | ||||
* | libcli/security: fix the source4 build | Stefan Metzmacher | 2009-03-02 | 1 | -0/+1 |
| | | | | metze | ||||
* | libcli/security: fix the source3 build | Stefan Metzmacher | 2009-03-02 | 2 | -2/+2 |
| | | | | metze | ||||
* | Add header files for secace and secacl. | Jelmer Vernooij | 2009-03-01 | 2 | -0/+72 |
| | |||||
* | Move secacl to top-level. | Jelmer Vernooij | 2009-03-01 | 1 | -0/+122 |
| | |||||
* | dom_sid.h: Include dependency security.h that provides the dom_sid struct. | Jelmer Vernooij | 2009-03-01 | 1 | -0/+2 |
| | |||||
* | Move secace.c to top-level. | Jelmer Vernooij | 2009-03-01 | 1 | -0/+281 |
| | |||||
* | libcli/util/werror.h: add macro W_ERROR_NOT_OK_GOTO(x, y) | Michael Adam | 2009-02-26 | 1 | -0/+6 |
| | | | | | | a goto destination can be specified as a second parameter. Michael | ||||
* | s3: move definition of W_ERROR_NOT_OK_GOTO_DONE down to libcli/util/werror.h | Michael Adam | 2009-02-26 | 1 | -0/+6 |
| | | | | Michael | ||||
* | error-codes: print out WERR_UNKNOWN_PRINT_MONITOR. | Günther Deschner | 2009-02-24 | 1 | -0/+1 |
| | | | | Guenther | ||||
* | libcli/ldap: move generic ldap control encoding code to ldap_message.c | Stefan Metzmacher | 2009-02-24 | 2 | -6/+156 |
| | | | | | | | As they can we static there, we pass the specific handlers as parameter where we need to support controls. metze | ||||
* | libcli/ldap: move ldap_ndr from source4/ to toplevel | Stefan Metzmacher | 2009-02-24 | 3 | -1/+117 |
| | | | | metze | ||||
* | libcli/ldap: fix compiler warnings | Stefan Metzmacher | 2009-02-24 | 2 | -6/+11 |
| | | | | metze | ||||
* | libcli/ldap: move ldap_errors.h to the toplevel and install it | Stefan Metzmacher | 2009-02-24 | 3 | -2/+70 |
| | | | | metze | ||||
* | libcli/ldap: move ldap_message.[ch] from source4/ to the toplevel | Stefan Metzmacher | 2009-02-24 | 3 | -0/+1698 |
| | | | | metze | ||||
* | error-codes: add WERR_INVALID_USER_BUFFER. | Günther Deschner | 2009-02-24 | 2 | -0/+2 |
| | | | | Guenther | ||||
* | Add missing include to shut up missing prototype warnings | Volker Lendecke | 2009-02-14 | 1 | -0/+1 |
| | |||||
* | s4 torture: Smbtorture additions for Windows BRL | Zack Kirsch | 2009-02-11 | 1 | -0/+3 |
| | | | | | | - Adds a few new BRL tests to RAW-LOCK - Adds a "win7" target to allow torture to handle protocol changes in windows 7 | ||||
* | libcli/nbt: s/private/private_data | Stefan Metzmacher | 2009-02-02 | 1 | -6/+6 |
| | | | | metze | ||||
* | s3: Fix the non-merged build. | Kai Blin | 2009-02-01 | 1 | -1/+0 |
| | |||||
* | shared: Move dom_sid_* utility functions to top level | Kai Blin | 2009-02-01 | 3 | -0/+359 |
| | |||||
* | Attempt to fix the merged build | Volker Lendecke | 2009-01-19 | 2 | -3/+3 |
| | |||||
* | libcli/nbt: add nbt_name_socket_handle_response_packet() | Stefan Metzmacher | 2009-01-19 | 2 | -3/+13 |
| | | | | | | | | | Move the last part of nbt_name_socket_recv() into a new function nbt_name_socket_handle_response_packet() so that it can be reused by an unexpected handler. metze (from samba4wins tree cb0377f3b95e50c84fac999a49dde80acc933124) | ||||
* | libcli/nbt: add nbt_set_unexpected_handler() | Stefan Metzmacher | 2009-01-19 | 2 | -0/+17 |
| | | | | | metze (from samba4wins tree 74232901d1e7ea9ebcb3bd8d584dda36fac37223) | ||||
* | libcli/nbt: fix wack timeout handling | Stefan Metzmacher | 2009-01-19 | 1 | -3/+18 |
| | | | | | | | | | | | | | | | | | | | If the client gets a WACK response, the server sends a timeout to the client. Possible values are between 9 and 105 seconds. Because w2k3 servers have a bug and always return a value of 5 seconds, we need a workarround. Always using a fixed value of 30 seconds is bad as we could timeout to early. Now we use the value from the server if it's in the valid range and otherwise we use the upper limit of the valid range (105s). metze (from samba4wins tree 40ef7739f4141598a6392c203e4a2d52d972fe06) | ||||
* | Revert "Remove another use of global_loadparm." | Stefan Metzmacher | 2009-01-19 | 3 | -6/+2 |
| | | | | | | | | | This reverts commit ee7c2170a79f1ca9e2ad1a209d342d8fd287ec8d. A much more correct fix will come soon. (40ef7739f4141598a6392c203e4a2d52d972fe06 from the samba4wins tree) metze | ||||
* | Avoid using a utility header for Python replacements included in Samba, | Jelmer Vernooij | 2009-01-08 | 1 | -1/+5 |
| | | | | since this will not be shipped with talloc/tdb/tevent/etc. | ||||
* | s3/s4 build: Fix Py_RETURN_NONE to work with python versions < 2.4 | Tim Prouty | 2009-01-07 | 1 | -1/+1 |
| | |||||
* | py: Properly increase the reference counter of Py_None. | Jelmer Vernooij | 2009-01-06 | 1 | -1/+1 |
| | |||||
* | Add iconv_convenience argument to size functions. | Jelmer Vernooij | 2009-01-01 | 1 | -3/+3 |
| | |||||
* | s4:lib/tevent: rename structs | Stefan Metzmacher | 2008-12-29 | 4 | -10/+10 |
| | | | | | | | | | | | | | | | | | | | | list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze | ||||
* | Fix more compiler warnings. | Jelmer Vernooij | 2008-12-23 | 1 | -2/+2 |
| | |||||
* | libcli/nbt: fix some extrasemi compile warnings. | Michael Adam | 2008-11-23 | 1 | -3/+3 |
| | | | | Michael | ||||
* | errors: add WERR_CM_BUFFER_SMALL. | Günther Deschner | 2008-11-12 | 1 | -0/+1 |
| | | | | Guenther | ||||
* | nterrors: add NT_STATUS_DS_BUSY. | Günther Deschner | 2008-11-10 | 1 | -0/+1 |
| | | | | Guenther | ||||
* | doserr: add WERR_NO_TRUST_SAM_ACCOUNT. | Günther Deschner | 2008-11-06 | 2 | -0/+2 |
| | | | | Guenther | ||||
* | Fix the build. | Jelmer Vernooij | 2008-11-02 | 1 | -3/+1 |
| | |||||
* | Remove another use of global_loadparm. | Jelmer Vernooij | 2008-11-02 | 4 | -3/+9 |
| | |||||
* | Remove use of global_loadparm when comparing nt status error - use | Jelmer Vernooij | 2008-11-02 | 1 | -0/+3 |
| | | | | global variable instead. | ||||
* | Use shared doserr.c. | Jelmer Vernooij | 2008-11-01 | 2 | -0/+88 |
| | |||||
* | Fix the build. | Jelmer Vernooij | 2008-10-24 | 1 | -2/+2 |
| | |||||
* | Remove unused include param/param.h. | Jelmer Vernooij | 2008-10-24 | 4 | -4/+0 |
| | |||||
* | Remove more global_loadparm instances, fix syntax errors. | Jelmer Vernooij | 2008-10-24 | 1 | -4/+4 |
| | |||||
* | Fix "parameter has incomplete type" build warning. | Tim Prouty | 2008-10-23 | 1 | -7/+0 |
| | | | | | | | | | | When libcli-util was moved to the top level (3be0f6ea56ed8e43cd287ed020e942efb675b87b) it introduced a build warning. Since ndr_map_error2ntstatus depends on the definition of enum ndr_err_code and libndr.h can't be easily included in error.h, I moved the definition of enum ndr_err_code to libndr.h. This also eliminates the need for the duplicate definition in proto.h |