From e9af763f5a66ff7fe259aeb5f51b07caab359242 Mon Sep 17 00:00:00 2001
From: zhangyaqi <zhangyaqi@kylinos.cn>
Date: Thu, 30 May 2024 15:10:06 +0800
Subject: [PATCH] s4:dsdb:strcasecmp_with_ldb_val() avoids overflow

(cherry picked from commit ef627298c58187720548f2ff8d84bc3711a1d0e6)
---
 ...casecmp_with_ldb_val-avoids-overflow.patch | 37 +++++++++++++++++++
 samba.spec                                    |  9 ++++-
 2 files changed, 45 insertions(+), 1 deletion(-)
 create mode 100644 backport-0001-s4-dsdb-strcasecmp_with_ldb_val-avoids-overflow.patch

diff --git a/backport-0001-s4-dsdb-strcasecmp_with_ldb_val-avoids-overflow.patch b/backport-0001-s4-dsdb-strcasecmp_with_ldb_val-avoids-overflow.patch
new file mode 100644
index 0000000..341134a
--- /dev/null
+++ b/backport-0001-s4-dsdb-strcasecmp_with_ldb_val-avoids-overflow.patch
@@ -0,0 +1,37 @@
+From a00c0ebd090f69f94ce6ba7774a9fc126d7de504 Mon Sep 17 00:00:00 2001
+From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
+Date: Mon, 13 May 2024 11:08:35 +1200
+Subject: [PATCH] s4:dsdb:strcasecmp_with_ldb_val() avoids overflow
+
+Reference: https://git.samba.org/?p=samba.git;a=patch;h=a00c0ebd090f69f94ce6ba7774a9fc126d7de504
+
+In the unlikely event that strlen(str) > INT_MAX, the result could
+have overflowed.
+
+This is not a sort transitivity issue, as this is not a symmetric sort
+comparison, but it would affect binary search reliability.
+
+Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
+Reviewed-by: Andrew Bartlett <abartlet@samba.org>
+---
+ source4/dsdb/schema/schema_query.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/source4/dsdb/schema/schema_query.c b/source4/dsdb/schema/schema_query.c
+index 96c5392..b2e937e 100644
+--- a/source4/dsdb/schema/schema_query.c
++++ b/source4/dsdb/schema/schema_query.c
+@@ -52,7 +52,9 @@ static int strcasecmp_with_ldb_val(const struct ldb_val *target, const char *str
+ 			}
+ 			return 1;
+ 		}
+-		return (target->length - len);
++		if (target->length < len) {
++		        return -1;
++		}
+ 	}
+ 	return ret;
+ }
+-- 
+2.27.0
+
diff --git a/samba.spec b/samba.spec
index 7b9494c..257a88d 100644
--- a/samba.spec
+++ b/samba.spec
@@ -53,7 +53,7 @@
 
 Name:           samba
 Version:        4.19.3
-Release:        4
+Release:        5
 
 Summary:        A suite for Linux to interoperate with Windows
 License:        GPL-3.0-or-later AND LGPL-3.0-or-later
@@ -72,6 +72,7 @@ Source8:        usershares.conf.vendor
 Source201:      README.downgrade
 
 Patch1:         remove-sensitive-info.patch
+Patch2:         backport-0001-s4-dsdb-strcasecmp_with_ldb_val-avoids-overflow.patch
 
 
 BuildRequires: avahi-devel bison dbus-devel docbook-style-xsl e2fsprogs-devel flex gawk gnupg2 gnutls-devel >= 3.4.7 gpgme-devel
@@ -3589,6 +3590,12 @@ fi
 %endif
 
 %changelog
+* Thu May 30 2024 zhangyaqi <zhangyaqi@kylinos.cn> - 4.19.3-5
+- Type:bugfis
+- ID:NA
+- SUG:NA
+- DESC:s4:dsdb:strcasecmp_with_ldb_val() avoids overflow
+
 * Thu Feb 1 2024 jiahua.yu <jiahua.yu@shingroup.cn> - 4.19.3-4
 - Type:feature
 - ID:NA
-- 
Gitee