[SCM] Samba Shared Repository - branch v4-9-test updated
Karolin Seeger
kseeger at samba.org
Fri Aug 31 13:30:02 UTC 2018
The branch, v4-9-test has been updated
via 4c2dfd7 s3: VFS: vfs_full_audit: Ensure smb_fname_str_do_log() only returns absolute pathnames.
via 4629746 s3: VFS: vfs_full_audit: Add $cwd arg to smb_fname_str_do_log().
from 3b31cae VERSION: Bump version up to 4.9.0rc5...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-9-test
- Log -----------------------------------------------------------------
commit 4c2dfd7165ba1295c1975b6c7b3c3ef4bf3e2c48
Author: Jeremy Allison <jra at samba.org>
Date: Fri Aug 24 13:37:27 2018 -0700
s3: VFS: vfs_full_audit: Ensure smb_fname_str_do_log() only returns absolute pathnames.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13565
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Aug 27 20:23:55 CEST 2018 on sn-devel-144
(cherry picked from commit 4d72ebb821518c25e4759ad697d5e18257f80765)
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Fri Aug 31 15:29:32 CEST 2018 on sn-devel-144
commit 46297461963ae7e445bfebd9651c27d495872847
Author: Jeremy Allison <jra at samba.org>
Date: Fri Aug 24 13:17:24 2018 -0700
s3: VFS: vfs_full_audit: Add $cwd arg to smb_fname_str_do_log().
Not yet used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13565
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 59f13347260f5c4367c709eb07139f2ba7ddad72)
-----------------------------------------------------------------------
Summary of changes:
source3/modules/vfs_full_audit.c | 62 +++++++++++++++++++++++++++++-----------
1 file changed, 46 insertions(+), 16 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c
index bd904e8..2ab7d83 100644
--- a/source3/modules/vfs_full_audit.c
+++ b/source3/modules/vfs_full_audit.c
@@ -649,7 +649,8 @@ static void do_log(vfs_op_type op, bool success, vfs_handle_struct *handle,
/**
* Return a string using the do_log_ctx()
*/
-static const char *smb_fname_str_do_log(const struct smb_filename *smb_fname)
+static const char *smb_fname_str_do_log(const struct smb_filename *cwd,
+ const struct smb_filename *smb_fname)
{
char *fname = NULL;
NTSTATUS status;
@@ -657,6 +658,32 @@ static const char *smb_fname_str_do_log(const struct smb_filename *smb_fname)
if (smb_fname == NULL) {
return "";
}
+
+ if (smb_fname->base_name[0] != '/') {
+ char *abs_name = NULL;
+ struct smb_filename *fname_copy = cp_smb_filename(
+ do_log_ctx(),
+ smb_fname);
+ if (fname_copy == NULL) {
+ return "";
+ }
+
+ if (!ISDOT(smb_fname->base_name)) {
+ abs_name = talloc_asprintf(do_log_ctx(),
+ "%s/%s",
+ cwd->base_name,
+ smb_fname->base_name);
+ } else {
+ abs_name = talloc_strdup(do_log_ctx(),
+ cwd->base_name);
+ }
+ if (abs_name == NULL) {
+ return "";
+ }
+ fname_copy->base_name = abs_name;
+ smb_fname = fname_copy;
+ }
+
status = get_full_smb_filename(do_log_ctx(), smb_fname, &fname);
if (!NT_STATUS_IS_OK(status)) {
return "";
@@ -669,7 +696,7 @@ static const char *smb_fname_str_do_log(const struct smb_filename *smb_fname)
*/
static const char *fsp_str_do_log(const struct files_struct *fsp)
{
- return smb_fname_str_do_log(fsp->fsp_name);
+ return smb_fname_str_do_log(fsp->conn->cwd_fname, fsp->fsp_name);
}
/* Implementation of vfs_ops. Pass everything on to the default
@@ -1008,7 +1035,7 @@ static int smb_full_audit_open(vfs_handle_struct *handle,
do_log(SMB_VFS_OP_OPEN, (result >= 0), handle, "%s|%s",
((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r",
- smb_fname_str_do_log(smb_fname));
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname));
return result;
}
@@ -1082,7 +1109,8 @@ static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle,
do_log(SMB_VFS_OP_CREATE_FILE, (NT_STATUS_IS_OK(result)), handle,
"0x%x|%s|%s|%s", access_mask,
create_options & FILE_DIRECTORY_FILE ? "dir" : "file",
- str_create_disposition, smb_fname_str_do_log(smb_fname));
+ str_create_disposition,
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname));
return result;
}
@@ -1321,8 +1349,8 @@ static int smb_full_audit_rename(vfs_handle_struct *handle,
result = SMB_VFS_NEXT_RENAME(handle, smb_fname_src, smb_fname_dst);
do_log(SMB_VFS_OP_RENAME, (result >= 0), handle, "%s|%s",
- smb_fname_str_do_log(smb_fname_src),
- smb_fname_str_do_log(smb_fname_dst));
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname_src),
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname_dst));
return result;
}
@@ -1404,7 +1432,7 @@ static int smb_full_audit_stat(vfs_handle_struct *handle,
result = SMB_VFS_NEXT_STAT(handle, smb_fname);
do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s",
- smb_fname_str_do_log(smb_fname));
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname));
return result;
}
@@ -1430,7 +1458,7 @@ static int smb_full_audit_lstat(vfs_handle_struct *handle,
result = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s",
- smb_fname_str_do_log(smb_fname));
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname));
return result;
}
@@ -1456,7 +1484,7 @@ static int smb_full_audit_unlink(vfs_handle_struct *handle,
result = SMB_VFS_NEXT_UNLINK(handle, smb_fname);
do_log(SMB_VFS_OP_UNLINK, (result >= 0), handle, "%s",
- smb_fname_str_do_log(smb_fname));
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname));
return result;
}
@@ -1567,7 +1595,7 @@ static int smb_full_audit_ntimes(vfs_handle_struct *handle,
result = SMB_VFS_NEXT_NTIMES(handle, smb_fname, ft);
do_log(SMB_VFS_OP_NTIMES, (result >= 0), handle, "%s",
- smb_fname_str_do_log(smb_fname));
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname));
return result;
}
@@ -2004,7 +2032,8 @@ static NTSTATUS smb_full_audit_get_compression(vfs_handle_struct *handle,
do_log(SMB_VFS_OP_GET_COMPRESSION, NT_STATUS_IS_OK(result), handle,
"%s",
- (fsp ? fsp_str_do_log(fsp) : smb_fname_str_do_log(smb_fname)));
+ (fsp ? fsp_str_do_log(fsp) :
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname)));
return result;
}
@@ -2035,7 +2064,7 @@ static NTSTATUS smb_full_audit_readdir_attr(struct vfs_handle_struct *handle,
status = SMB_VFS_NEXT_READDIR_ATTR(handle, fname, mem_ctx, pattr_data);
do_log(SMB_VFS_OP_READDIR_ATTR, NT_STATUS_IS_OK(status), handle, "%s",
- smb_fname_str_do_log(fname));
+ smb_fname_str_do_log(handle->conn->cwd_fname, fname));
return status;
}
@@ -2055,7 +2084,7 @@ static NTSTATUS smb_full_audit_get_dos_attributes(
NT_STATUS_IS_OK(status),
handle,
"%s",
- smb_fname_str_do_log(smb_fname));
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname));
return status;
}
@@ -2095,7 +2124,7 @@ static NTSTATUS smb_full_audit_set_dos_attributes(
NT_STATUS_IS_OK(status),
handle,
"%s",
- smb_fname_str_do_log(smb_fname));
+ smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname));
return status;
}
@@ -2148,7 +2177,7 @@ static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle,
mem_ctx, ppdesc);
do_log(SMB_VFS_OP_GET_NT_ACL, NT_STATUS_IS_OK(result), handle,
- "%s", smb_fname_str_do_log(smb_fname));
+ "%s", smb_fname_str_do_log(handle->conn->cwd_fname, smb_fname));
return result;
}
@@ -2194,7 +2223,8 @@ static NTSTATUS smb_full_audit_audit_file(struct vfs_handle_struct *handle,
access_denied);
do_log(SMB_VFS_OP_AUDIT_FILE, NT_STATUS_IS_OK(result), handle,
- "%s", smb_fname_str_do_log(file));
+ "%s",
+ smb_fname_str_do_log(handle->conn->cwd_fname, file));
return result;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list