[SCM] Samba Shared Repository - branch v3-4-stable updated - release-3-4-0pre2-48-g4a868bb

Karolin Seeger kseeger at samba.org
Fri Jun 19 09:03:59 GMT 2009


The branch, v3-4-stable has been updated
       via  4a868bb77943106d88e1563c915b2a0c7216931b (commit)
       via  8345b7b319d2cde49768fb3d7410d5ed67061273 (commit)
      from  ecff0553d84dc230ff31fa0ada3a7999c680267f (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-stable


- Log -----------------------------------------------------------------
commit 4a868bb77943106d88e1563c915b2a0c7216931b
Author: Karolin Seeger <kseeger at samba.org>
Date:   Fri Jun 19 11:02:07 2009 +0200

    WHATSNEW: Update changes.
    
    Karolin
    (cherry picked from commit 58e847f998087a33f0c80c2705ac2ce5b2807e75)

commit 8345b7b319d2cde49768fb3d7410d5ed67061273
Author: Jeremy Allison <jra at samba.org>
Date:   Fri Jun 19 11:00:41 2009 +0200

    Bug 6488: acl_group_override() call in posix acls references an uninitialized
    variable.
    (cherry picked from commit 2c2894b4646567e3d92b9044a5059021def338f9)

-----------------------------------------------------------------------

Summary of changes:
 WHATSNEW.txt              |    2 ++
 source3/smbd/posix_acls.c |   22 ++++++++++------------
 2 files changed, 12 insertions(+), 12 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 22a0461..3eca6f0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -214,6 +214,8 @@ o   Jeremy Allison <jra at samba.org>
       others.
     * BUG 6476: Fix smbd-zombies in memory when using [x]inetd.
     * BUG 6487: Add missing DFS call in trans2 mkdir call.
+    * BUG 6488: acl_group_override() call in posix acls references an
+      uninitialized variable.
 
 
 o   Günther Deschner <gd at samba.org>
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 8d172e1..53bfaa1 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -2547,24 +2547,22 @@ static bool current_user_in_group(gid_t gid)
 ****************************************************************************/
 
 static bool acl_group_override(connection_struct *conn,
-				gid_t prim_gid,
+				SMB_STRUCT_STAT *psbuf,
 				const char *fname)
 {
-	SMB_STRUCT_STAT sbuf;
-
 	if ((errno != EPERM) && (errno != EACCES)) {
 		return false;
 	}
 
 	/* file primary group == user primary or supplementary group */
 	if (lp_acl_group_control(SNUM(conn)) &&
-			current_user_in_group(prim_gid)) {
+			current_user_in_group(psbuf->st_gid)) {
 		return true;
 	}
 
 	/* user has writeable permission */
 	if (lp_dos_filemode(SNUM(conn)) &&
-			can_write_to_file(conn, fname, &sbuf)) {
+			can_write_to_file(conn, fname, psbuf)) {
 		return true;
 	}
 
@@ -2575,7 +2573,7 @@ static bool acl_group_override(connection_struct *conn,
  Attempt to apply an ACL to a file or directory.
 ****************************************************************************/
 
-static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool default_ace, gid_t prim_gid, bool *pacl_set_support)
+static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool default_ace, SMB_STRUCT_STAT *psbuf, bool *pacl_set_support)
 {
 	connection_struct *conn = fsp->conn;
 	bool ret = False;
@@ -2754,7 +2752,7 @@ static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool defau
 				*pacl_set_support = False;
 			}
 
-			if (acl_group_override(conn, prim_gid, fsp->fsp_name)) {
+			if (acl_group_override(conn, psbuf, fsp->fsp_name)) {
 				int sret;
 
 				DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n",
@@ -2785,7 +2783,7 @@ static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool defau
 				*pacl_set_support = False;
 			}
 
-			if (acl_group_override(conn, prim_gid, fsp->fsp_name)) {
+			if (acl_group_override(conn, psbuf, fsp->fsp_name)) {
 				int sret;
 
 				DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n",
@@ -3785,7 +3783,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC
 		if (set_acl_as_root) {
 			become_root();
 		}
-		ret = set_canon_ace_list(fsp, file_ace_list, False, sbuf.st_gid, &acl_set_support);
+		ret = set_canon_ace_list(fsp, file_ace_list, False, &sbuf, &acl_set_support);
 		if (set_acl_as_root) {
 			unbecome_root();
 		}
@@ -3802,7 +3800,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC
 			if (set_acl_as_root) {
 				become_root();
 			}
-			ret = set_canon_ace_list(fsp, dir_ace_list, True, sbuf.st_gid, &acl_set_support);
+			ret = set_canon_ace_list(fsp, dir_ace_list, True, &sbuf, &acl_set_support);
 			if (set_acl_as_root) {
 				unbecome_root();
 			}
@@ -3827,7 +3825,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC
 				unbecome_root();
 			}
 			if (sret == -1) {
-				if (acl_group_override(conn, sbuf.st_gid, fsp->fsp_name)) {
+				if (acl_group_override(conn, &sbuf, fsp->fsp_name)) {
 					DEBUG(5,("set_nt_acl: acl group control on and "
 						"current user in file %s primary group. Override delete_def_acl\n",
 						fsp->fsp_name ));
@@ -3889,7 +3887,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC
 				unbecome_root();
 			}
 			if(sret == -1) {
-				if (acl_group_override(conn, sbuf.st_gid, fsp->fsp_name)) {
+				if (acl_group_override(conn, &sbuf, fsp->fsp_name)) {
 					DEBUG(5,("set_nt_acl: acl group control on and "
 						"current user in file %s primary group. Override chmod\n",
 						fsp->fsp_name ));


-- 
Samba Shared Repository


More information about the samba-cvs mailing list