[SCM] Samba Shared Repository - branch v3-6-stable updated
Karolin Seeger
kseeger at samba.org
Sun Jan 29 12:47:38 MST 2012
The branch, v3-6-stable has been updated
via 71e7cdc s3-smbd: Fix bug #8724.
via 3f117d2 WHATSNEW: Add release notes for 3.6.3.
via e35523c VERSION: Bump version up to 3.6.3.
from b0cd2e5 WHATSNEW: Add another change.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-stable
- Log -----------------------------------------------------------------
commit 71e7cdcce26c1ed7504760a94cf51e79b2ec570c
Author: Ira Cooper <ira at wakeful.net>
Date: Sun Jan 29 20:36:05 2012 +0100
s3-smbd: Fix bug #8724.
Fix bug #8724 - Memory leak in parent smbd on connection.
This is CVE-2012-0817.
Patch have been created by Ira Cooper <ira at wakeful.net> and
Jeremy Allison <jra at samba.org>.
(cherry picked from commit 964620240c83024bea8bbce0bc282b0851513808)
commit 3f117d2bcf33913e7cc3e4b0e01ac98f649fa078
Author: Karolin Seeger <kseeger at samba.org>
Date: Sun Jan 29 20:33:38 2012 +0100
WHATSNEW: Add release notes for 3.6.3.
Karolin
(cherry picked from commit 677f5573570ad1cbd4c1e1d920f67a0d20edea25)
commit e35523c33ab626a8dee8e037aa2027cdc5ad01a6
Author: Karolin Seeger <kseeger at samba.org>
Date: Sun Jan 29 20:33:15 2012 +0100
VERSION: Bump version up to 3.6.3.
Karolin
(cherry picked from commit a3dd55e40cc905a4535d1786f2d53cda221fb3e2)
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 54 ++++++++++++++++++++++++++++++++++++++++++++-
source3/VERSION | 2 +-
source3/lib/substitute.c | 9 ++++++-
source3/smbd/server.c | 6 +++++
4 files changed, 66 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index b3e5008..2868320 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,53 @@
=============================
+ Release Notes for Samba 3.6.3
+ January 29, 2012
+ =============================
+
+
+This is a security release in order to address
+CVE-2012-0817 (Memory leak/Denial of service).
+
+o CVE-2012-0817:
+ The Samba File Serving daemon (smbd) in Samba versions
+ 3.6.0 to 3.6.2 is affected by a memory leak that can
+ cause a server denial of service.
+
+
+Changes since 3.6.2:
+--------------------
+
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 8724: Fix memory leak in parent smbd on connection.
+
+
+o Ira Cooper <samba at ira.wakeful.net>
+ * BUG 8724: Fix memory leak in parent smbd on connection.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+Release notes for older releases follow:
+----------------------------------------
+
+ =============================
Release Notes for Samba 3.6.2
January 25, 2012
=============================
@@ -174,8 +223,9 @@ database (https://bugzilla.samba.org/).
== The Samba Team
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+
+----------------------------------------------------------------------
+
=============================
Release Notes for Samba 3.6.1
diff --git a/source3/VERSION b/source3/VERSION
index e8a1992..9ba1b54 100644
--- a/source3/VERSION
+++ b/source3/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=3
SAMBA_VERSION_MINOR=6
-SAMBA_VERSION_RELEASE=2
+SAMBA_VERSION_RELEASE=3
########################################################
# Bug fix releases use a letter for the patch revision #
diff --git a/source3/lib/substitute.c b/source3/lib/substitute.c
index e72a8c3..68328e5 100644
--- a/source3/lib/substitute.c
+++ b/source3/lib/substitute.c
@@ -195,7 +195,7 @@ void sub_set_smb_name(const char *name)
}
static char sub_peeraddr[INET6_ADDRSTRLEN];
-static const char *sub_peername = "";
+static const char *sub_peername = NULL;
static char sub_sockaddr[INET6_ADDRSTRLEN];
void sub_set_socket_ids(const char *peeraddr, const char *peername,
@@ -208,6 +208,11 @@ void sub_set_socket_ids(const char *peeraddr, const char *peername,
}
strlcpy(sub_peeraddr, addr, sizeof(sub_peeraddr));
+ if (sub_peername != NULL &&
+ sub_peername != sub_peeraddr) {
+ free(discard_const_p(char,sub_peername));
+ sub_peername = NULL;
+ }
sub_peername = SMB_STRDUP(peername);
if (sub_peername == NULL) {
sub_peername = sub_peeraddr;
@@ -646,7 +651,7 @@ static char *alloc_sub_basic(const char *smb_name, const char *domain_name,
break;
case 'M' :
a_string = realloc_string_sub(a_string, "%M",
- sub_peername);
+ sub_peername ? sub_peername : "");
break;
case 'R' :
a_string = realloc_string_sub(a_string, "%R", remote_proto);
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 8ac0511..db68ace 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -64,6 +64,12 @@ static void smbd_set_server_fd(int fd)
* name, default to its address.
*/
+ if (sconn->client_id.name != NULL &&
+ sconn->client_id.name != sconn->client_id.addr) {
+ talloc_free(discard_const_p(char, sconn->client_id.name));
+ sconn->client_id.name = NULL;
+ }
+
client_addr(fd, sconn->client_id.addr, sizeof(sconn->client_id.addr));
name = client_name(sconn->sock);
--
Samba Shared Repository
More information about the samba-cvs
mailing list