[Pkg-samba-maint] [samba] 02/17: s3: smbd: Fix "follow symlink = no" regression part 2.
Mathieu Parent
sathieu at moszumanska.debian.org
Thu Mar 30 22:15:33 UTC 2017
This is an automated email from the git hooks/post-receive script.
sathieu pushed a commit to branch jessie
in repository samba.
commit 4a3ef7afb269264f489577de5de0d33726465746
Author: Jeremy Allison <jra at samba.org>
Date: Mon Mar 27 17:04:58 2017 -0700
s3: smbd: Fix "follow symlink = no" regression part 2.
Add an extra paramter to cwd_name to check_reduced_name().
If cwd_name == NULL then fname is a client given path relative
to the root path of the share.
If cwd_name != NULL then fname is a client given path relative
to cwd_name. cwd_name is relative to the root path of the share.
Not yet used, logic added in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12721
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 83e30cb48859b412b76572b6a3ba84d8fde167af)
---
source3/smbd/filename.c | 2 +-
source3/smbd/open.c | 2 +-
source3/smbd/proto.h | 4 +++-
source3/smbd/vfs.c | 10 +++++++++-
4 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index 3593155..03773c8 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -1222,7 +1222,7 @@ NTSTATUS check_name(connection_struct *conn, const char *name)
}
if (!lp_widelinks(SNUM(conn)) || !lp_follow_symlinks(SNUM(conn))) {
- status = check_reduced_name(conn,name);
+ status = check_reduced_name(conn, NULL, name);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5,("check_name: name %s failed with %s\n",name,
nt_errstr(status)));
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 8417752..13aaae3 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -539,7 +539,7 @@ static int non_widelink_open(struct connection_struct *conn,
}
/* Ensure the relative path is below the share. */
- status = check_reduced_name(conn, final_component);
+ status = check_reduced_name(conn, parent_dir, final_component);
if (!NT_STATUS_IS_OK(status)) {
saved_errno = map_errno_from_nt_status(status);
goto out;
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index abfb543..032f75d 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -1171,7 +1171,9 @@ const char *vfs_readdirname(connection_struct *conn, void *p,
SMB_STRUCT_STAT *sbuf, char **talloced);
int vfs_ChDir(connection_struct *conn, const char *path);
char *vfs_GetWd(TALLOC_CTX *ctx, connection_struct *conn);
-NTSTATUS check_reduced_name(connection_struct *conn, const char *fname);
+NTSTATUS check_reduced_name(connection_struct *conn,
+ const char *cwd_name,
+ const char *fname);
NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
const char *fname,
struct smb_request *smbreq);
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index f084b1d..15896f8 100644
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -1163,9 +1163,17 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
/*******************************************************************
Reduce a file name, removing .. elements and checking that
it is below dir in the heirachy. This uses realpath.
+
+ If cwd_name == NULL then fname is a client given path relative
+ to the root path of the share.
+
+ If cwd_name != NULL then fname is a client given path relative
+ to cwd_name. cwd_name is relative to the root path of the share.
********************************************************************/
-NTSTATUS check_reduced_name(connection_struct *conn, const char *fname)
+NTSTATUS check_reduced_name(connection_struct *conn,
+ const char *cwd_name,
+ const char *fname)
{
char *resolved_name = NULL;
bool allow_symlinks = true;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git
More information about the Pkg-samba-maint
mailing list