CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is re-added to an object

If an added SPN already exists on an object, we still want to check the
rest of the element values for conflicts.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14950

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
josephsutton1 authored and metze-samba committed Jan 31, 2022
1 parent c58ede4 commit 1a5dc81
Showing 2 changed files with 1 addition and 3 deletions.
1 change: 0 additions & 1 deletion selftest/knownfail.d/ldap_spn
@@ -1,2 +1 @@
samba.tests.ldap_spn.+LdapSpnTest.test_spn_dodgy_spns
samba.tests.ldap_spn.+LdapSpnSambaOnlyTest.test_spn_add_a_conflict_along_with_a_re_added_SPN
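Review bot: the commit message does not say why one knownfail entry stays listed after this change (the hunk header goes from two lines to one). If the remaining entry is test_spn_dodgy_spns, state whether it is expected to keep failing for an unrelated reason or is handled by another patch, since the message only explains the re-added SPN case.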
3 changes: 1 addition & 2 deletions source4/dsdb/samdb/ldb_modules/samldb.c
Expand Up @@ -4006,8 +4006,7 @@ static int samldb_spn_uniqueness_check(struct samldb_ctx *ac,
ac->msg->dn);
if (ret == LDB_ERR_COMPARE_TRUE) {
DBG_INFO("SPN %s re-added to the same object\n", spn);
talloc_free(tmp_ctx);
return LDB_SUCCESS;
continue;
}
if (ret != LDB_SUCCESS) {
DBG_ERR("SPN %s failed direct uniqueness check\n", spn);
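Review bot: in the LDB_ERR_COMPARE_TRUE branch, `continue` no longer runs the talloc_free(tmp_ctx) that accompanied the early return, so cleanup now depends on the function's exit path after the loop, which is outside the visible context; confirm tmp_ctx is freed there on the success path. A one-line comment above `continue` saying that the remaining element values still need the conflict check would also guard against someone reinstating the early return later.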