[SCM] Samba Shared Repository - branch master updated

Fri, 19 Oct 2018 05:01:26 -0700 

The branch, master has been updated
       via  e310ad7 s3:secrets: clean up sid before storing
      from  7b59cd7 dsdb encrypted_secrets: Allow "ldb:// and "mdb://" in file 
path

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit e310ad7e1ebabfb6d5f1a3cfd096da6cfe4a286c
Author: Philipp Gesang <[email protected]>
Date:   Thu Oct 4 09:25:14 2018 +0200

    s3:secrets: clean up sid before storing
    
    SIDs may contain non-zero memory beyond SubAuthorityCount:
    
        {
        key(15) = "SECRETS/SID/FOO"
        data(68) = 
"\01\04\00\00\00\00\00\05\15\00\00\00}u@\8C\08\A3\06nx\95\16\FE\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00`F\92\B7\03\00\00\00\18e\92\B7\03\00\00\00@H\92\B7\00\00\00\00"
        }
    
    These parts are lost when converting to ``string format syntax``
    so a roundtrip conversion does not result in the same binary
    representation.
    
    Ensure that these never reach the tdb by using an initialized
    copy. This allows bitwise comparisons of secrets.tdb after
    dumping SIDs as text and reading them back.
    
    Signed-off-by: Philipp Gesang <[email protected]>
    Reviewed-by: Volker Lendecke <[email protected]>
    Reviewed-by: Andrew Bartlett <[email protected]>
    
    Autobuild-User(master): Andrew Bartlett <[email protected]>
    Autobuild-Date(master): Fri Oct 19 13:59:04 CEST 2018 on sn-devel-144

-----------------------------------------------------------------------

Summary of changes:
 source3/passdb/machine_account_secrets.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/source3/passdb/machine_account_secrets.c 
b/source3/passdb/machine_account_secrets.c
index a96bf1c..d8ffcaa 100644
--- a/source3/passdb/machine_account_secrets.c
+++ b/source3/passdb/machine_account_secrets.c
@@ -114,6 +114,7 @@ bool secrets_store_domain_sid(const char *domain, const 
struct dom_sid  *sid)
 {
        char *protect_ids;
        bool ret;
+       struct dom_sid clean_sid = { 0 };
 
        protect_ids = secrets_fetch(protect_ids_keystr(domain), NULL);
        if (protect_ids) {
@@ -126,7 +127,15 @@ bool secrets_store_domain_sid(const char *domain, const 
struct dom_sid  *sid)
        }
        SAFE_FREE(protect_ids);
 
-       ret = secrets_store(domain_sid_keystr(domain), sid, sizeof(struct 
dom_sid ));
+       /*
+        * use a copy to prevent uninitialized memory from being carried over
+        * to the tdb
+        */
+       sid_copy(&clean_sid, sid);
+
+       ret = secrets_store(domain_sid_keystr(domain),
+                           &clean_sid,
+                           sizeof(struct dom_sid));
 
        /* Force a re-query, in the case where we modified our domain */
        if (ret) {


-- 
Samba Shared Repository

Reply via email to