diff options
| author | Yi Zhao <yi.zhao@windriver.com> | 2020-07-31 16:51:09 +0800 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2020-08-23 11:08:25 -0700 |
| commit | 060d218f82af9070a8e79cefe1093f9b0e6bd7b8 (patch) | |
| tree | 0bc8f39a2a28083dd930b6c465e61e612432c258 /meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch | |
| parent | 5fe92ba89e7f3c05eebb15592720974ae92a5d6a (diff) | |
| download | meta-openembedded-contrib-060d218f82af9070a8e79cefe1093f9b0e6bd7b8.tar.gz meta-openembedded-contrib-060d218f82af9070a8e79cefe1093f9b0e6bd7b8.tar.bz2 meta-openembedded-contrib-060d218f82af9070a8e79cefe1093f9b0e6bd7b8.zip | |
samba: upgrade 4.10.15 -> 4.10.17
This is a security release in order to address the following defects:
CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD
DC LDAP Server with ASQ, VLV and paged_results.
CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
excessive CPU
CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
paged_results and VLV.
CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.
Also backport 3 patches to fix build error with musl.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1609df11530ebb73de863d0c705e16107015dbe3)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch')
| -rw-r--r-- | meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch b/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch new file mode 100644 index 0000000000..53a3f67814 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch @@ -0,0 +1,50 @@ +From 016e08ca07f86af9e0131a908a2df116bcb9a48e Mon Sep 17 00:00:00 2001 +From: Martin Schwenke <martin@meltin.net> +Date: Fri, 5 Jun 2020 22:05:42 +1000 +Subject: [PATCH 3/3] util: Reallocate larger buffer if getpwuid_r() returns + ERANGE + +Signed-off-by: Martin Schwenke <martin@meltin.net> +Reviewed-by: Volker Lendecke <vl@samba.org> +Reviewed-by: Bjoern Jacke <bjacke@samba.org> + +Autobuild-User(master): Martin Schwenke <martins@samba.org> +Autobuild-Date(master): Tue Jun 9 21:07:24 UTC 2020 on sn-devel-184 + +(cherry picked from commit ddac6b2eb4adaec8fc5e25ca07387d2b9417764c) + +Upstream-Status:Backport +[https://gitlab.com/samba-team/samba/-/commit/016e08ca07f86af9e0131a908a2df116bcb9a48e] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + lib/util/util_paths.c | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c +index 9bc6df37e5d..72cc0aab8de 100644 +--- a/lib/util/util_paths.c ++++ b/lib/util/util_paths.c +@@ -86,6 +86,19 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx) + } + + rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf); ++ while (rc == ERANGE) { ++ size_t newlen = 2 * len; ++ if (newlen < len) { ++ /* Overflow */ ++ goto done; ++ } ++ len = newlen; ++ buf = talloc_realloc_size(mem_ctx, buf, len); ++ if (buf == NULL) { ++ goto done; ++ } ++ rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf); ++ } + if (rc != 0 || pwdbuf == NULL ) { + const char *szPath = getenv("HOME"); + if (szPath == NULL) { +-- +2.17.1 + |