diff options
author | Andrew Bartlett <abartlet@samba.org> | 2023-03-02 16:31:17 +1300 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2023-03-20 10:03:38 +0100 |
commit | c64b48b2b2652d6a8241105d570904219a98d226 (patch) | |
tree | c2d8102711b54eb8defd3f30819e5cde224a3dbc | |
parent | 1cfaa078ffcbd915f8494cd98b375dd2598010ec (diff) | |
download | samba-c64b48b2b2652d6a8241105d570904219a98d226.tar.gz |
CVE-2023-0614 dsdb: Add DSDB_MARK_REQ_UNTRUSTED
This will allow our dsdb helper search functions to mark the new
request as untrusted, forcing read ACL evaluation (per current behaviour).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
[abartlet@samba.org adapted due to Samba 4.16 and lower
not having the patches for CVE-2022-32743]
-rw-r--r-- | source4/dsdb/common/util.c | 4 | ||||
-rw-r--r-- | source4/dsdb/common/util.h | 1 |
2 files changed, 5 insertions, 0 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index 1436cd7bfec..c261aee3e59 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -4606,6 +4606,10 @@ int dsdb_request_add_controls(struct ldb_request *req, uint32_t dsdb_flags) } } + if (dsdb_flags & DSDB_MARK_REQ_UNTRUSTED) { + ldb_req_mark_untrusted(req); + } + return LDB_SUCCESS; } diff --git a/source4/dsdb/common/util.h b/source4/dsdb/common/util.h index e1854644d53..5bb96d60b3c 100644 --- a/source4/dsdb/common/util.h +++ b/source4/dsdb/common/util.h @@ -43,6 +43,7 @@ #define DSDB_MODIFY_PARTIAL_REPLICA 0x04000 #define DSDB_PASSWORD_BYPASS_LAST_SET 0x08000 #define DSDB_REPLMD_VANISH_LINKS 0x10000 +#define DSDB_MARK_REQ_UNTRUSTED 0x20000 bool is_attr_in_list(const char * const * attrs, const char *attr); |