← Back to branch summary

~ubuntu-branches/ubuntu/oneiric/samba/oneiric-security

~ubuntu-branches/ubuntu/oneiric/samba/oneiric-security

« back to all changes in this revision

Viewing changes to source3/librpc/gen_ndr/ndr_secrets.c

Committer: Package Import Robot
Author(s): Tyler Hicks
Date: 2012-04-12 05:28:44 UTC
mfrom: (147.1.1 oneiric-proposed)
Revision ID: package-import@ubuntu.com-20120412052844-348q6l4dcb303sdu

Tags: 2:3.5.11~dfsg-1ubuntu2.2

https://launchpad.net/bugs/978458

* SECURITY UPDATE: Unauthenticated remote code execution via
  RPC calls (LP: #978458)
  - debian/patches/CVE-2012-1182-1.patch: Fix PIDL compiler to generate code
    that uses the same value for array allocation and array length checks.
    Based on upstream patch.
  - debian/patches/CVE-2012-1182-2.patch: Regenerate PIDL generated files with
    the patched PIDL compiler
  - CVE-2012-1182

files added:
.pc/CVE-2012-1182-1.patch

.pc/CVE-2012-1182-1.patch/pidl

.pc/CVE-2012-1182-1.patch/pidl/lib

.pc/CVE-2012-1182-1.patch/pidl/lib/Parse

.pc/CVE-2012-1182-1.patch/pidl/lib/Parse/Pidl

.pc/CVE-2012-1182-1.patch/pidl/lib/Parse/Pidl/Samba4

.pc/CVE-2012-1182-1.patch/pidl/lib/Parse/Pidl/Samba4/NDR

.pc/CVE-2012-1182-1.patch/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm

.pc/CVE-2012-1182-2.patch

.pc/CVE-2012-1182-2.patch/librpc

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_dcerpc.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_dfs.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_drsblobs.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_drsuapi.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_dssetup.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_echo.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_epmapper.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_eventlog.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_krb5pac.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_lsa.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_misc.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_named_pipe_auth.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_nbt.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_netlogon.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_ntlmssp.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_ntsvcs.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_samr.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_schannel.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_security.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_spoolss.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_srvsvc.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_svcctl.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_winreg.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_wkssvc.c

.pc/CVE-2012-1182-2.patch/librpc/gen_ndr/ndr_xattr.c

.pc/CVE-2012-1182-2.patch/source3

.pc/CVE-2012-1182-2.patch/source3/librpc

.pc/CVE-2012-1182-2.patch/source3/librpc/gen_ndr

.pc/CVE-2012-1182-2.patch/source3/librpc/gen_ndr/ndr_libnetapi.c

.pc/CVE-2012-1182-2.patch/source3/librpc/gen_ndr/ndr_messaging.c

.pc/CVE-2012-1182-2.patch/source3/librpc/gen_ndr/ndr_notify.c

.pc/CVE-2012-1182-2.patch/source3/librpc/gen_ndr/ndr_perfcount.c

.pc/CVE-2012-1182-2.patch/source3/librpc/gen_ndr/ndr_printcap.c

.pc/CVE-2012-1182-2.patch/source3/librpc/gen_ndr/ndr_secrets.c

.pc/CVE-2012-1182-2.patch/source3/librpc/gen_ndr/ndr_wbint.c

.pc/initialize_password_db-null-deref

.pc/initialize_password_db-null-deref/source3

.pc/initialize_password_db-null-deref/source3/passdb

.pc/initialize_password_db-null-deref/source3/passdb/pdb_interface.c

debian/patches/CVE-2012-1182-1.patch

debian/patches/CVE-2012-1182-2.patch

debian/patches/initialize_password_db-null-deref

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

librpc/gen_ndr/ndr_dcerpc.c

librpc/gen_ndr/ndr_dfs.c

librpc/gen_ndr/ndr_drsblobs.c

librpc/gen_ndr/ndr_drsuapi.c

librpc/gen_ndr/ndr_dssetup.c

librpc/gen_ndr/ndr_echo.c

librpc/gen_ndr/ndr_epmapper.c

librpc/gen_ndr/ndr_eventlog.c

librpc/gen_ndr/ndr_krb5pac.c

librpc/gen_ndr/ndr_lsa.c

librpc/gen_ndr/ndr_misc.c

librpc/gen_ndr/ndr_named_pipe_auth.c

librpc/gen_ndr/ndr_nbt.c

librpc/gen_ndr/ndr_netlogon.c

librpc/gen_ndr/ndr_ntlmssp.c

librpc/gen_ndr/ndr_ntsvcs.c

librpc/gen_ndr/ndr_samr.c

librpc/gen_ndr/ndr_schannel.c

librpc/gen_ndr/ndr_security.c

librpc/gen_ndr/ndr_spoolss.c

librpc/gen_ndr/ndr_srvsvc.c

librpc/gen_ndr/ndr_svcctl.c

librpc/gen_ndr/ndr_winreg.c

librpc/gen_ndr/ndr_wkssvc.c

librpc/gen_ndr/ndr_xattr.c

pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm

source3/librpc/gen_ndr/ndr_libnetapi.c

source3/librpc/gen_ndr/ndr_messaging.c

source3/librpc/gen_ndr/ndr_notify.c

source3/librpc/gen_ndr/ndr_perfcount.c

source3/librpc/gen_ndr/ndr_printcap.c

source3/librpc/gen_ndr/ndr_secrets.c

source3/librpc/gen_ndr/ndr_wbint.c

source3/passdb/pdb_interface.c

Show diffs side-by-side

added added

removed removed

source3/librpc/gen_ndr/ndr_secrets.c

32

32

33

33

_PUBLIC_ enum ndr_err_code ndr_pull_TRUSTED_DOM_PASS(struct ndr_pull *ndr, int ndr_flags, struct TRUSTED_DOM_PASS *r)

34

34

{

35

uint32_t size_uni_name_0 = 0;

35

36

{

36

37

uint32_t _flags_save_STRUCT = ndr->flags;

37

38

ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN);

38

39

if (ndr_flags & NDR_SCALARS) {

39

40

NDR_CHECK(ndr_pull_align(ndr, 4));

40

41

NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->uni_name_len));

41

NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->uni_name, 32, sizeof(uint16_t), CH_UTF16));

42

size_uni_name_0 = 32;

43

NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->uni_name, size_uni_name_0, sizeof(uint16_t), CH_UTF16));

42

44

NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->pass_len));

43

45

{

44

46

uint32_t _flags_save_string = ndr->flags;

Older »