[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Fri Nov 8 12:44:02 MST 2013 

The branch, master has been updated
       via  374b2cf xattr: fix listing EAs on *BSD for non-root users
       via  12a2230 s4-smb_server: Fix a use after free.
       via  29f12e7 s3-vfs: Fix stream_depot vfs module on btrfs.
       via  c7aab6e vfstest: fix uninitialised variable usage in open
      from  15b0c39 net: remove net idmap secret

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 374b2cfde74e0c61f4b2da724b30d0e430596092
Author: Björn Jacke <bj at sernet.de>
Date:   Wed Nov 6 12:37:07 2013 +0100

    xattr: fix listing EAs on *BSD for non-root users
    
    Thanks to Stefan Rompf for reporting.
    
    This fixes bug #10247
    
    Signed-off-by: Bjoern Jacke <bj at sernet.de>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Fri Nov  8 20:43:30 CET 2013 on sn-devel-104

commit 12a2230581b3ff5c7a29819532652d7ddfe61521
Author: Andreas Schneider <asn at samba.org>
Date:   Fri Nov 8 16:14:35 2013 +0100

    s4-smb_server: Fix a use after free.
    
    If we haven't allocated the smbsrv_session then we should not free it.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 29f12e7d5960906935e3af1405e9759a07d64750
Author: Andreas Schneider <asn at samba.org>
Date:   Fri Nov 8 15:10:03 2013 +0100

    s3-vfs: Fix stream_depot vfs module on btrfs.
    
    Checking if the directory is empty using 'nlink == 2' only checks if
    there are no subdirectories. It doesn't indicate if there are files in
    the directory. However checking link count for no subdirectories is
    wrong and applications shouldn't rely on it, see:
    
    https://lkml.org/lkml/2012/2/1/756
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit c7aab6e5205b78f00f84492cc1a0fd4b67ef917a
Author: David Disseldorp <ddiss at samba.org>
Date:   Fri Nov 8 13:56:23 2013 +0100

    vfstest: fix uninitialised variable usage in open
    
    The vfstest open command currently fails intermittently due to a read of
    a potentially uninitialised status variable.
    
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/replace/xattr.c                 |    4 ++++
 source3/modules/vfs_streams_depot.c |   16 ++++++++--------
 source3/torture/cmd_vfs.c           |    5 +++--
 source4/smb_server/smb/sesssetup.c  |    6 +++++-
 4 files changed, 20 insertions(+), 11 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/replace/xattr.c b/lib/replace/xattr.c
index a26ff67..459b7f3 100644
--- a/lib/replace/xattr.c
+++ b/lib/replace/xattr.c
@@ -194,6 +194,10 @@ static ssize_t bsd_attr_list (int type, extattr_arg arg, char *list, size_t size
 	char *buf;
 	/* Iterate through extattr(2) namespaces */
 	for(t = 0; t < ARRAY_SIZE(extattr); t++) {
+		if (t != EXTATTR_NAMESPACE_USER && geteuid() != 0) {
+			/* ignore all but user namespace when we are not root, see bug 10247 */
+			continue;
+		}
 		switch(type) {
 #if defined(HAVE_EXTATTR_LIST_FILE)
 			case 0:
diff --git a/source3/modules/vfs_streams_depot.c b/source3/modules/vfs_streams_depot.c
index 3ada92e..f33d998 100644
--- a/source3/modules/vfs_streams_depot.c
+++ b/source3/modules/vfs_streams_depot.c
@@ -665,6 +665,7 @@ static int streams_depot_unlink(vfs_handle_struct *handle,
 static int streams_depot_rmdir(vfs_handle_struct *handle, const char *path)
 {
 	struct smb_filename *smb_fname_base = NULL;
+	char *dirname;
 	int ret = -1;
 
 	DEBUG(10, ("streams_depot_rmdir called for %s\n", path));
@@ -690,15 +691,14 @@ static int streams_depot_rmdir(vfs_handle_struct *handle, const char *path)
 		return -1;
 	}
 
-	if (smb_fname_base->st.st_ex_nlink == 2) {
-		char *dirname = stream_dir(handle, smb_fname_base,
-					   &smb_fname_base->st, false);
-
-		if (dirname != NULL) {
-			SMB_VFS_NEXT_RMDIR(handle, dirname);
-		}
-		TALLOC_FREE(dirname);
+	dirname = stream_dir(handle,
+			     smb_fname_base,
+			     &smb_fname_base->st,
+			     false);
+	if (dirname != NULL) {
+		SMB_VFS_NEXT_RMDIR(handle, dirname);
 	}
+	TALLOC_FREE(dirname);
 
 	ret = SMB_VFS_NEXT_RMDIR(handle, path);
 
diff --git a/source3/torture/cmd_vfs.c b/source3/torture/cmd_vfs.c
index 1b20208..f923ed5 100644
--- a/source3/torture/cmd_vfs.c
+++ b/source3/torture/cmd_vfs.c
@@ -347,6 +347,7 @@ static NTSTATUS cmd_open(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int argc, c
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 
+	status = NT_STATUS_OK;
 	ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
 	if (ret == -1) {
 		/* If we have an fd, this stat should succeed. */
@@ -359,7 +360,7 @@ static NTSTATUS cmd_open(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int argc, c
 		errno = EISDIR;
 		status = NT_STATUS_FILE_IS_A_DIRECTORY;
 	}
-	
+
 	if (!NT_STATUS_IS_OK(status)) {
 		SMB_VFS_CLOSE(fsp);
 		TALLOC_FREE(fsp);
@@ -1780,7 +1781,7 @@ struct cmd_set vfs_commands[] = {
 	{ "mkdir",   cmd_mkdir,   "VFS mkdir()",    "mkdir <path>" },
 	{ "rmdir",   cmd_pathfunc,   "VFS rmdir()",    "rmdir <path>" },
 	{ "closedir",   cmd_closedir,   "VFS closedir()",    "closedir" },
-	{ "open",   cmd_open,   "VFS open()",    "open <fname>" },
+	{ "open",   cmd_open,   "VFS open()",    "open <fname> <flags> <mode>" },
 	{ "close",   cmd_close,   "VFS close()",    "close <fd>" },
 	{ "read",   cmd_read,   "VFS read()",    "read <fd> <size>" },
 	{ "write",   cmd_write,   "VFS write()",    "write <fd> <size>" },
diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c
index b26c128..4ebc0c4 100644
--- a/source4/smb_server/smb/sesssetup.c
+++ b/source4/smb_server/smb/sesssetup.c
@@ -415,6 +415,7 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se
 {
 	NTSTATUS status;
 	struct smbsrv_session *smb_sess = NULL;
+	bool is_smb_sess_new = false;
 	struct sesssetup_spnego_state *s = NULL;
 	uint16_t vuid;
 	struct tevent_req *subreq;
@@ -465,6 +466,7 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se
 			status = NT_STATUS_INSUFFICIENT_RESOURCES;
 			goto failed;
 		}
+		is_smb_sess_new = true;
 	} else {
 		smb_sess = smbsrv_session_find_sesssetup(req->smb_conn, vuid);
 	}
@@ -510,7 +512,9 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se
 nomem:
 	status = NT_STATUS_NO_MEMORY;
 failed:
-	talloc_free(smb_sess);
+	if (is_smb_sess_new) {
+		talloc_free(smb_sess);
+	}
 	status = nt_status_squash(status);
 	smbsrv_sesssetup_backend_send(req, sess, status);
 }


-- 
Samba Shared Repository

More information about the samba-cvs mailing list