[SCM] Samba Shared Repository - branch v3-5-test updated - tevent-0-9-8-906-g87b31c0

Jeremy Allison jra at samba.org
Thu Oct 1 11:25:47 MDT 2009


The branch, v3-5-test has been updated
       via  87b31c0266360f311ae6207b9ec5bce9d8e01be7 (commit)
      from  2d4ffe2a8cb7e0db9733a0e58b1c34e82fd40faf (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test


- Log -----------------------------------------------------------------
commit 87b31c0266360f311ae6207b9ec5bce9d8e01be7
Author: Jeremy Allison <jra at samba.org>
Date:   Thu Oct 1 10:23:29 2009 -0700

    Fix for CVE-2009-2813.
    
    ===========================================================
    == Subject:     Misconfigured /etc/passwd file may share folders unexpectedly
    ==
    == CVE ID#:     CVE-2009-2813
    ==
    == Versions:    All versions of Samba later than 3.0.11
    ==
    == Summary:     If a user in /etc/passwd is misconfigured to have
    ==              an empty home directory then connecting to the home
    ==              share of this user will use the root of the filesystem
    ==              as the home directory.
    ===========================================================

-----------------------------------------------------------------------

Summary of changes:
 source3/param/loadparm.c |    7 ++++++-
 source3/smbd/service.c   |    6 +++++-
 2 files changed, 11 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index b278b96..b1f2a4a 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -6156,6 +6156,11 @@ bool lp_add_home(const char *pszHomename, int iDefaultService,
 {
 	int i;
 
+	if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
+			pszHomedir[0] == '\0') {
+		return false;
+	}
+
 	i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
 
 	if (i < 0)
@@ -8127,7 +8132,7 @@ static void lp_add_auto_services(char *str)
 
 		home = get_user_home_dir(talloc_tos(), p);
 
-		if (home && homes >= 0)
+		if (home && home[0] && homes >= 0)
 			lp_add_home(p, homes, p, home);
 
 		TALLOC_FREE(home);
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 3520f0d..b5946f0 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -56,6 +56,10 @@ bool set_conn_connectpath(connection_struct *conn, const char *connectpath)
 	const char *s = connectpath;
         bool start_of_name_component = true;
 
+	if (connectpath == NULL || connectpath[0] == '\0') {
+		return false;
+	}
+
 	destname = SMB_STRDUP(connectpath);
 	if (!destname) {
 		return false;
@@ -259,7 +263,7 @@ int add_home_service(const char *service, const char *username, const char *home
 {
 	int iHomeService;
 
-	if (!service || !homedir)
+	if (!service || !homedir || homedir[0] == '\0')
 		return -1;
 
 	if ((iHomeService = lp_servicenumber(HOMES_NAME)) < 0) {


-- 
Samba Shared Repository


More information about the samba-cvs mailing list