[SCM] Samba Shared Repository - branch master updated

Volker Lendecke vlendec at samba.org
Sat Apr 27 07:58:02 MDT 2013


The branch, master has been updated
       via  5185460 Check for WRITE_ACCESS on the file before overriding an EACCESS.
       via  77e3099 Ensure we don't try the open_file_fchmod() if we can't write to the file.
       via  a91aac4 Remove indentation around code wrapped by unneeded CAN_WRITE.
       via  0d88b37 Add early return in file_set_dosmode() on a read only share.
      from  8283fd0 smbd: Do not fetch the record in defer_open_done

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 5185460067229a342ddf3951ecc968017c2ed4df
Author: Jeremy Allison <jra at samba.org>
Date:   Thu Apr 25 14:06:03 2013 -0700

    Check for WRITE_ACCESS on the file before overriding an EACCESS.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>
    
    Autobuild-User(master): Volker Lendecke <vl at samba.org>
    Autobuild-Date(master): Sat Apr 27 15:57:17 CEST 2013 on sn-devel-104

commit 77e3099483489ef4d59087dc6542fe7f7b589224
Author: Jeremy Allison <jra at samba.org>
Date:   Thu Apr 25 14:02:24 2013 -0700

    Ensure we don't try the open_file_fchmod() if we can't write to the file.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>

commit a91aac4a5f0bd2077be267e49d1fc4f0321bb39c
Author: Jeremy Allison <jra at samba.org>
Date:   Thu Apr 25 14:00:42 2013 -0700

    Remove indentation around code wrapped by unneeded CAN_WRITE.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>

commit 0d88b37fc63023eeb749080713449b124e346e9e
Author: Jeremy Allison <jra at samba.org>
Date:   Thu Apr 25 13:59:22 2013 -0700

    Add early return in file_set_dosmode() on a read only share.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/dosmode.c |   57 ++++++++++++++++++++++++++++-------------------
 1 files changed, 34 insertions(+), 23 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c
index 19b7675..b534626 100644
--- a/source3/smbd/dosmode.c
+++ b/source3/smbd/dosmode.c
@@ -417,6 +417,10 @@ static bool set_ea_dos_attribute(connection_struct *conn,
 		if(!CAN_WRITE(conn) || !lp_dos_filemode(SNUM(conn)))
 			return false;
 
+		if (!can_write_to_file(conn, smb_fname)) {
+			return false;
+		}
+
 		/*
 		 * We need to open the file with write access whilst
 		 * still in our current user context. This ensures we
@@ -705,6 +709,12 @@ int file_set_dosmode(connection_struct *conn, struct smb_filename *smb_fname,
 	int ret = -1, lret = -1;
 	uint32_t old_mode;
 	struct timespec new_create_timespec;
+	files_struct *fsp = NULL;
+
+	if (!CAN_WRITE(conn)) {
+		errno = EROFS;
+		return -1;
+	}
 
 	/* We only allow READONLY|HIDDEN|SYSTEM|DIRECTORY|ARCHIVE here. */
 	dosmode &= (SAMBA_ATTRIBUTES_MASK | FILE_ATTRIBUTE_OFFLINE);
@@ -850,29 +860,30 @@ int file_set_dosmode(connection_struct *conn, struct smb_filename *smb_fname,
 		bits on a file. Just like file_ntimes below.
 	*/
 
-	/* Check if we have write access. */
-	if (CAN_WRITE(conn)) {
-		/*
-		 * We need to open the file with write access whilst
-		 * still in our current user context. This ensures we
-		 * are not violating security in doing the fchmod.
-		 */
-		files_struct *fsp;
-		if (!NT_STATUS_IS_OK(open_file_fchmod(conn, smb_fname,
-				     &fsp)))
-			return -1;
-		become_root();
-		ret = SMB_VFS_FCHMOD(fsp, unixmode);
-		unbecome_root();
-		close_file(NULL, fsp, NORMAL_CLOSE);
-		if (!newfile) {
-			notify_fname(conn, NOTIFY_ACTION_MODIFIED,
-				     FILE_NOTIFY_CHANGE_ATTRIBUTES,
-				     smb_fname->base_name);
-		}
-		if (ret == 0) {
-			smb_fname->st.st_ex_mode = unixmode;
-		}
+	if (!can_write_to_file(conn, smb_fname)) {
+		errno = EACCES;
+		return -1;
+	}
+
+	/*
+	 * We need to open the file with write access whilst
+	 * still in our current user context. This ensures we
+	 * are not violating security in doing the fchmod.
+	 */
+	if (!NT_STATUS_IS_OK(open_file_fchmod(conn, smb_fname,
+			     &fsp)))
+		return -1;
+	become_root();
+	ret = SMB_VFS_FCHMOD(fsp, unixmode);
+	unbecome_root();
+	close_file(NULL, fsp, NORMAL_CLOSE);
+	if (!newfile) {
+		notify_fname(conn, NOTIFY_ACTION_MODIFIED,
+			     FILE_NOTIFY_CHANGE_ATTRIBUTES,
+			     smb_fname->base_name);
+	}
+	if (ret == 0) {
+		smb_fname->st.st_ex_mode = unixmode;
 	}
 
 	return( ret );


-- 
Samba Shared Repository


More information about the samba-cvs mailing list