The branch, master has been updated
via e5ba8cb6e97 dsdb: Align an integer type
via dede5475d3d dsdb: Fix CID 1665142, Null pointer dereferences
(FORWARD_NULL)
from 50edad8249c s4:dsdb:tests: Add tests for msDS-KeyCredentialLink
attribute
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit e5ba8cb6e97607a60db91c43f553b8bafa388394
Author: Volker Lendecke <[email protected]>
Date: Sat Aug 30 14:04:11 2025 +0200
dsdb: Align an integer type
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Martin Schwenke <[email protected]>
Autobuild-User(master): Volker Lendecke <[email protected]>
Autobuild-Date(master): Sun Aug 31 07:23:20 UTC 2025 on atb-devel-224
commit dede5475d3da31af89394c71b3ade706da7358a9
Author: Volker Lendecke <[email protected]>
Date: Sat Aug 30 14:01:59 2025 +0200
dsdb: Fix CID 1665142, Null pointer dereferences (FORWARD_NULL)
Do the ADD/MOD early, don't risk dereferencing msg without assignment.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Martin Schwenke <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/acl.c | 17 ++++++++++-------
1 file changed, 10 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c
b/source4/dsdb/samdb/ldb_modules/acl.c
index 8432dbfe25b..fa3a9607043 100644
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -874,10 +874,16 @@ static int acl_check_dns_host_name(TALLOC_CTX *mem_ctx,
return ldb_oom(ldb);
}
- if (req->operation == LDB_MODIFY) {
+ switch (req->operation) {
+ case LDB_MODIFY:
msg = req->op.mod.message;
- } else if (req->operation == LDB_ADD) {
+ break;
+ case LDB_ADD:
msg = req->op.add.message;
+ break;
+ default:
+ talloc_free(tmp_ctx);
+ return LDB_ERR_OPERATIONS_ERROR;
}
if (implicit_validated_write_control != NULL) {
@@ -958,11 +964,8 @@ static int acl_check_dns_host_name(TALLOC_CTX *mem_ctx,
}
search_res = acl_res->msgs[0];
- } else if (req->operation == LDB_ADD) {
- search_res = msg;
} else {
- talloc_free(tmp_ctx);
- return LDB_ERR_OPERATIONS_ERROR;
+ search_res = msg;
}
/* Check if the account has objectclass 'computer' or 'server'. */
@@ -1424,7 +1427,7 @@ static int acl_add(struct ldb_module *module, struct
ldb_request *req)
const char **must_contain = NULL;
const struct ldb_message *msg = req->op.add.message;
const struct dom_sid *domain_sid = NULL;
- int i = 0;
+ unsigned int i = 0;
bool attribute_authorization;
bool is_subclass;
--
Samba Shared Repository
