[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Tue Aug 29 02:55:02 UTC 2017
The branch, master has been updated
via f9d4158 tests/fake_snap: sanitize paths
via 7b58c8f s3/mdssvc: missing assignment in sl_pack_float
from dd3e06f HEIMDAL: don't bother seeing q if not sent
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit f9d4158f0b002b482df0a919d4cb337cce81f9f8
Author: David Disseldorp via samba-technical <samba-technical at lists.samba.org>
Date: Sat Aug 26 23:40:37 2017 +0200
tests/fake_snap: sanitize paths
Ensure fake_snap.pl can be run in taint mode (-T), by sanitizing paths
and the PATH env. This fixes the following samba3.rpc.fsrvp selftest
failures:
Insecure dependency in mkdir while running setgid at (eval 2) line 4.
snap create failed: NT_STATUS_UNSUCCESSFUL
snap create failed for shadow copy of /home/ddiss/isms/samba/st/nt4_dc/share
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12988
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug 29 04:54:51 CEST 2017 on sn-devel-144
commit 7b58c8f54499f01778bcbfc2ad21521ceed2dd57
Author: Ralph Boehme <slow at samba.org>
Date: Sun Aug 27 19:22:38 2017 +0200
s3/mdssvc: missing assignment in sl_pack_float
Spotted by -Werror=maybe-uninitialized:
../source3/rpc_server/mdssvc/marshalling.c: In function ‘sl_pack_float’:
../source3/rpc_server/mdssvc/marshalling.c:171:11: error:
‘ieee_fp_union.w’ may be used uninitialized in this function
[-Werror=maybe-uninitialized]
offset = sl_push_uint64_val(buf, offset, bufsize, ieee_fp_union.w);
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12991
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/rpc_server/mdssvc/marshalling.c | 2 ++
source3/script/tests/fake_snap.pl | 19 ++++++++++++++++---
2 files changed, 18 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/mdssvc/marshalling.c b/source3/rpc_server/mdssvc/marshalling.c
index 0a02f41..976702c 100644
--- a/source3/rpc_server/mdssvc/marshalling.c
+++ b/source3/rpc_server/mdssvc/marshalling.c
@@ -164,6 +164,8 @@ static ssize_t sl_pack_float(double d, char *buf, ssize_t offset, size_t bufsize
uint64_t w;
} ieee_fp_union;
+ ieee_fp_union.d = d;
+
offset = sl_push_uint64_val(buf, offset, bufsize, sl_pack_tag(SQ_TYPE_FLOAT, 2, 1));
if (offset == -1) {
return -1;
diff --git a/source3/script/tests/fake_snap.pl b/source3/script/tests/fake_snap.pl
index d1233f3..18bbcb7 100755
--- a/source3/script/tests/fake_snap.pl
+++ b/source3/script/tests/fake_snap.pl
@@ -5,14 +5,25 @@ use strict;
use File::Path qw(rmtree);
use POSIX ();
+sub _untaint_path
+{
+ my ($path) = @_;
+
+ if ($path =~ /^(.*)$/) {
+ return $1;
+ }
+ die "bad path";
+}
+
sub _create_snapshot
{
- my ($base_path) = @_;
+ my ($base_path) = _untaint_path(shift);
my $time_str = POSIX::strftime("%Y.%m.%d-%H.%M.%S" , localtime());
my $snap_path = $base_path . "/.snapshots/\@GMT-" . $time_str;
my $ret;
- POSIX::mkdir($base_path . "/.snapshots", 0777);
+ $ENV{'PATH'} = '/bin:/usr/bin'; # untaint PATH
+ POSIX::mkdir($base_path . "/.snapshots", 0755);
# add trailing slash to src path to ensure that only contents is copied
$ret = system("rsync", "-a", "--exclude=.snapshots/", "${base_path}/",
@@ -28,7 +39,8 @@ sub _create_snapshot
sub _delete_snapshot
{
- my ($base_path, $snap_path) = @_;
+ my $base_path = _untaint_path(shift);
+ my $snap_path = _untaint_path(shift);
# we're doing a recursive delete, so do some sanity checks
if ((index($snap_path, $base_path) != 0) || (index($snap_path, ".snapshots") == -1)) {
@@ -36,6 +48,7 @@ sub _delete_snapshot
return -1;
}
+ $ENV{'PATH'} = '/bin:/usr/bin'; # untaint PATH
rmtree($snap_path, {error => \my $err});
if (@$err) {
for my $diag (@$err) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list