[Pkg-samba-maint] [samba] 11/17: s3: smbd: Use the new non_widelink_open() function.

[Mathieu Parent]

This is an automated email from the git hooks/post-receive script.

sathieu pushed a commit to branch master
in repository samba.

commit d9e87eeea76dbbced3e4d9150ce705d484e2f9f4
Author: Jeremy Allison <jra at samba.org>
Date:   Thu Dec 15 13:06:31 2016 -0800

    s3: smbd: Use the new non_widelink_open() function.
    
    CVE-2017-2619
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
---
 source3/smbd/open.c | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index d628d0b..006be91 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -638,7 +638,28 @@ NTSTATUS fd_open(struct connection_struct *conn,
 		flags |= O_NOFOLLOW;
 	}
 
-	fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
+	/* Ensure path is below share definition. */
+	if (!lp_widelinks(SNUM(conn))) {
+		const char *conn_rootdir = SMB_VFS_CONNECTPATH(conn,
+						smb_fname->base_name);
+		if (conn_rootdir == NULL) {
+			return NT_STATUS_NO_MEMORY;
+		}
+		/*
+		 * Only follow symlinks within a share
+		 * definition.
+		 */
+		fsp->fh->fd = non_widelink_open(conn,
+					conn_rootdir,
+					fsp,
+					smb_fname,
+					flags,
+					mode,
+					0);
+	} else {
+		fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
+	}
+
 	if (fsp->fh->fd == -1) {
 		int posix_errno = link_errno_convert(errno);
 		status = map_nt_error_from_unix(posix_errno);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git