[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Mon Feb 7 19:59:01 UTC 2022


The branch, master has been updated
       via  fe275259603 lib: Simplify pm_process()
       via  abd1525d9ea vfs: Fix a typo
       via  c2ac6a9cd7b smbd: Pass "dirfsp" and "smb_fname" to fd_open_atomic()
       via  18501707086 smbd: Avoid an "else" in file_set_dosmode()
       via  0b55d739088 smbd: Fix open_pathref_base_fsp()'s implicit conn_cwd assumption
       via  d4f8fdd69a1 libsmb: Convert SMBC_getatr() to NTSTATUS
       via  0b351cda245 libsmb: Avoid a call to SMBC_errno()
       via  c9030fb5a84 libsmb: Avoid a call to SMBC_errno()
       via  3844fe8730f libsmb: Avoid a call to SMBC_errno()
       via  c78f0a96a3c libsmb: Avoid two calls to SMBC_errno()
       via  098fc00f9f2 libsmb: Avoid a call to SMBC_errno()
       via  ec58a8eaf83 libsmb: Avoid a call to SMBC_errno()
       via  ede2328c965 smbd: Fix CID 1497981: Null pointer dereferences (REVERSE_INULL)
       via  d717a581ab3 lib: Fix CID 1465285 Double close
      from  dcd65e1cb7e script/autobuild.py: let nm_grep_symbols ignore __gcov_ symbols

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit fe275259603c6ca695e386cca4088ce6b039825d
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Feb 4 12:57:52 2022 +0100

    lib: Simplify pm_process()
    
    No need to duplicate the fopen/fclose
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Mon Feb  7 19:58:57 UTC 2022 on sn-devel-184

commit abd1525d9eaba9300041db359b6884209447378a
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Jan 23 13:15:32 2022 +0100

    vfs: Fix a typo
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit c2ac6a9cd7b1eceb3affc1319c52d79f751a6f45
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Jan 18 21:14:13 2022 +0100

    smbd: Pass "dirfsp" and "smb_fname" to fd_open_atomic()
    
    Dereference fsp once instead of four times
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 18501707086082255212ee5a479a29630d2dfb21
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Jan 18 20:07:30 2022 +0100

    smbd: Avoid an "else" in file_set_dosmode()
    
    Review with git show -b
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 0b55d73908840540fc997bc2982181268886a539
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Dec 30 18:06:18 2021 +0100

    smbd: Fix open_pathref_base_fsp()'s implicit conn_cwd assumption
    
    Opening a stream base file only worked if "dirfsp == conn->cwd_fsp":
    We have replaced fsp->fsp_name with the full dirfsp->relative pathname
    at the point where open_pathref_base_fsp() is called. In case dirfsp
    is already a subdirectory in a share, this breaks because the
    open_pathref_base_fsp() uses fsp->fsp_name, not the original
    dirfsp-relative one.
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit d4f8fdd69a1278d8473d541dc6b32014a369bcd0
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Jan 21 21:15:06 2022 +0100

    libsmb: Convert SMBC_getatr() to NTSTATUS
    
    This avoids a few calls to SMBC_errno()
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 0b351cda24514241c0418987a624f77d646df175
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Jan 22 09:25:34 2022 +0100

    libsmb: Avoid a call to SMBC_errno()
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit c9030fb5a841a70eccd5a7a29029b3bc606832ea
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Jan 21 20:21:17 2022 +0100

    libsmb: Avoid a call to SMBC_errno()
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 3844fe8730fa227e3ffb2f29c2d7f15ca7e89872
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Jan 21 20:29:34 2022 +0100

    libsmb: Avoid a call to SMBC_errno()
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit c78f0a96a3c2ec95d26d001820fddeac8871286f
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Jan 21 20:38:04 2022 +0100

    libsmb: Avoid two calls to SMBC_errno()
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 098fc00f9f28a238d0353eb6ebdf4dfa0549950b
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Jan 21 20:40:17 2022 +0100

    libsmb: Avoid a call to SMBC_errno()
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit ec58a8eaf8387ef09003b8e6075dec8ff4758373
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Jan 21 20:43:04 2022 +0100

    libsmb: Avoid a call to SMBC_errno()
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit ede2328c965644010ae305ce15adcd231e3e7bd5
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Feb 6 11:59:52 2022 +0100

    smbd: Fix CID 1497981: Null pointer dereferences (REVERSE_INULL)
    
    brown paper bag quality, sorry...
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit d717a581ab32e3252249e5894b164f3a73a19f85
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Jan 19 14:12:23 2022 +0100

    lib: Fix CID 1465285 Double close
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/util/params.c                 | 15 ++----------
 source3/include/libsmb_internal.h |  2 +-
 source3/libsmb/libsmb_dir.c       | 39 +++++++++++++++++-------------
 source3/libsmb/libsmb_file.c      | 50 +++++++++++++++++++--------------------
 source3/libsmb/libsmb_stat.c      |  6 +++--
 source3/libsmb/libsmb_xattr.c     | 12 ++++++----
 source3/modules/vfs_default.c     |  2 +-
 source3/smbd/dosmode.c            | 18 +++++++-------
 source3/smbd/files.c              | 15 ++++++++----
 source3/smbd/open.c               | 23 +++++++++++-------
 source3/smbd/posix_acls.c         |  2 +-
 source4/lib/policy/gp_filesys.c   |  1 +
 12 files changed, 100 insertions(+), 85 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/util/params.c b/lib/util/params.c
index c5c252613d3..79b45ee2fcb 100644
--- a/lib/util/params.c
+++ b/lib/util/params.c
@@ -88,22 +88,11 @@ bool pm_process(const char *filename,
 			      void *private_data),
 		void *private_data)
 {
-	FILE *f;
-	bool ret;
-
-	f = fopen(filename, "r");
-	if (f == NULL) {
-		return false;
-	}
-
-	ret = tini_parse(f, false, sfunc, pfunc, private_data);
-
-	fclose(f);
-
+	bool ret = pm_process_with_flags(
+		filename, false, sfunc, pfunc, private_data);
 	return ret;
 }
 
-
 bool pm_process_with_flags(const char *filename,
 			   bool allow_empty_values,
 			   bool (*sfunc)(const char *section, void *private_data),
diff --git a/source3/include/libsmb_internal.h b/source3/include/libsmb_internal.h
index 88d0fdf8b8b..5588f9df66a 100644
--- a/source3/include/libsmb_internal.h
+++ b/source3/include/libsmb_internal.h
@@ -400,7 +400,7 @@ int
 SMBC_close_ctx(SMBCCTX *context,
                SMBCFILE *file);
 
-bool
+NTSTATUS
 SMBC_getatr(SMBCCTX * context,
             SMBCSRV *srv,
             const char *path,
diff --git a/source3/libsmb/libsmb_dir.c b/source3/libsmb/libsmb_dir.c
index 5ca6dc409a1..bf7b8f8b9b5 100644
--- a/source3/libsmb/libsmb_dir.c
+++ b/source3/libsmb/libsmb_dir.c
@@ -972,7 +972,7 @@ SMBC_opendir_ctx(SMBCCTX *context,
 					SAFE_FREE(dir->fname);
 					SAFE_FREE(dir);
 				}
-				saved_errno = SMBC_errno(context, targetcli);
+				saved_errno = cli_status_to_errno(status);
 
                                 if (saved_errno == EINVAL) {
 					struct stat sb = {0};
@@ -985,10 +985,12 @@ SMBC_opendir_ctx(SMBCCTX *context,
                                          */
                                         path[path_len] = '\0'; /* restore original path */
 
-                                        if (SMBC_getatr(context,
-							srv,
-							path,
-							&sb) &&
+					status = SMBC_getatr(
+						context,
+						srv,
+						path,
+						&sb);
+					if (NT_STATUS_IS_OK(status) &&
                                             !S_ISDIR(sb.st_mode)) {
 
                                                 /* It is.  Correct the error value */
@@ -1734,9 +1736,11 @@ SMBC_rmdir_ctx(SMBCCTX *context,
 	}
 	/*d_printf(">>>rmdir: resolved path as %s\n", targetpath);*/
 
-	if (!NT_STATUS_IS_OK(cli_rmdir(targetcli, targetpath))) {
+	status = cli_rmdir(targetcli, targetpath);
 
-		errno = SMBC_errno(context, targetcli);
+	if (!NT_STATUS_IS_OK(status)) {
+
+		errno = cli_status_to_errno(status);
 
 		if (errno == EACCES) {  /* Check if the dir empty or not */
 
@@ -1759,9 +1763,8 @@ SMBC_rmdir_ctx(SMBCCTX *context,
 
 			if (!NT_STATUS_IS_OK(status)) {
 				/* Fix errno to ignore latest error ... */
-				DEBUG(5, ("smbc_rmdir: "
-                                          "cli_list returned an error: %d\n",
-					  SMBC_errno(context, targetcli)));
+				DBG_INFO("cli_list returned an error: %s\n",
+					 nt_errstr(status));
 				errno = EACCES;
 
 			}
@@ -2241,22 +2244,26 @@ SMBC_unlink_ctx(SMBCCTX *context,
 	}
 	/*d_printf(">>>unlink: resolved path as %s\n", targetpath);*/
 
-	if (!NT_STATUS_IS_OK(cli_unlink(targetcli, targetpath, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN))) {
+	status = cli_unlink(
+		targetcli,
+		targetpath,
+		FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
 
-		errno = SMBC_errno(context, targetcli);
+	if (!NT_STATUS_IS_OK(status)) {
+
+		errno = cli_status_to_errno(status);
 
 		if (errno == EACCES) { /* Check if the file is a directory */
 
 			int saverr = errno;
 			struct stat sb = {0};
-			bool ok;
 
-			ok = SMBC_getatr(context, srv, path, &sb);
-			if (!ok) {
+			status = SMBC_getatr(context, srv, path, &sb);
+			if (!NT_STATUS_IS_OK(status)) {
 				/* Hmmm, bad error ... What? */
 
-				errno = SMBC_errno(context, targetcli);
 				TALLOC_FREE(frame);
+				errno = cli_status_to_errno(status);
 				return -1;
 
 			}
diff --git a/source3/libsmb/libsmb_file.c b/source3/libsmb/libsmb_file.c
index 0332b926610..499be92cb4a 100644
--- a/source3/libsmb/libsmb_file.c
+++ b/source3/libsmb/libsmb_file.c
@@ -402,6 +402,7 @@ SMBC_close_ctx(SMBCCTX *context,
                SMBCFILE *file)
 {
 	TALLOC_CTX *frame = talloc_stackframe();
+	NTSTATUS status;
 
 	if (!context || !context->internal->initialized) {
 		errno = EINVAL;
@@ -421,19 +422,20 @@ SMBC_close_ctx(SMBCCTX *context,
 		return smbc_getFunctionClosedir(context)(context, file);
 	}
 
-	if (!NT_STATUS_IS_OK(cli_close(file->targetcli, file->cli_fd))) {
+	status = cli_close(file->targetcli, file->cli_fd);
+	if (!NT_STATUS_IS_OK(status)) {
 		SMBCSRV *srv;
 		DEBUG(3, ("cli_close failed on %s. purging server.\n",
 			  file->fname));
 		/* Deallocate slot and remove the server
 		 * from the server cache if unused */
-		errno = SMBC_errno(context, file->targetcli);
 		srv = file->srv;
 		DLIST_REMOVE(context->internal->files, file);
 		SAFE_FREE(file->fname);
 		SAFE_FREE(file);
 		smbc_getFunctionRemoveUnusedServer(context)(context, srv);
 		TALLOC_FREE(frame);
+		errno = cli_status_to_errno(status);
 		return -1;
 	}
 
@@ -448,7 +450,7 @@ SMBC_close_ctx(SMBCCTX *context,
  * Get info from an SMB server on a file. Use a qpathinfo call first
  * and if that fails, use getatr, as Win95 sometimes refuses qpathinfo
  */
-bool
+NTSTATUS
 SMBC_getatr(SMBCCTX * context,
             SMBCSRV *srv,
             const char *path,
@@ -470,25 +472,22 @@ SMBC_getatr(SMBCCTX * context,
 	NTSTATUS status;
 
 	if (!context || !context->internal->initialized) {
-		errno = EINVAL;
 		TALLOC_FREE(frame);
- 		return False;
+		return NT_STATUS_INVALID_PARAMETER;
  	}
 
 	/* path fixup for . and .. */
 	if (ISDOT(path) || ISDOTDOT(path)) {
 		fixedpath = talloc_strdup(frame, "\\");
 		if (!fixedpath) {
-			errno = ENOMEM;
 			TALLOC_FREE(frame);
-			return False;
+			return NT_STATUS_NO_MEMORY;
 		}
 	} else {
 		fixedpath = talloc_strdup(frame, path);
 		if (!fixedpath) {
-			errno = ENOMEM;
 			TALLOC_FREE(frame);
-			return False;
+			return NT_STATUS_NO_MEMORY;
 		}
 		trim_string(fixedpath, NULL, "\\..");
 		trim_string(fixedpath, NULL, "\\.");
@@ -503,9 +502,8 @@ SMBC_getatr(SMBCCTX * context,
 				  &targetcli, &targetpath);
 	if (!NT_STATUS_IS_OK(status)) {
 		d_printf("Couldn't resolve %s\n", path);
-                errno = ENOENT;
 		TALLOC_FREE(frame);
-		return False;
+		return NT_STATUS_OBJECT_NAME_NOT_FOUND;
 	}
 
 	if (!srv->no_pathinfo2) {
@@ -569,15 +567,14 @@ setup_stat:
 		   write_time_ts);
 
 	TALLOC_FREE(frame);
-	return true;
+	return NT_STATUS_OK;
 
 all_failed:
 	srv->no_pathinfo2 = False;
 	srv->no_pathinfo3 = False;
 
-        errno = EPERM;
 	TALLOC_FREE(frame);
-	return False;
+	return NT_STATUS_ACCESS_DENIED;
 }
 
 /*
@@ -599,8 +596,8 @@ SMBC_setatr(SMBCCTX * context, SMBCSRV *srv, char *path,
             uint16_t attr)
 {
         uint16_t fd;
-        int ret;
 	uint32_t lattr = (uint32_t)attr;
+	NTSTATUS status;
 	TALLOC_CTX *frame = talloc_stackframe();
 
 	if (attr == (uint16_t)-1) {
@@ -644,17 +641,20 @@ SMBC_setatr(SMBCCTX * context, SMBCSRV *srv, char *path,
                 srv->no_pathinfo = True;
 
                 /* Open the file */
-                if (!NT_STATUS_IS_OK(cli_open(srv->cli, path, O_RDWR, DENY_NONE, &fd))) {
-                        errno = SMBC_errno(context, srv->cli);
+		status = cli_open(srv->cli, path, O_RDWR, DENY_NONE, &fd);
+		if (!NT_STATUS_IS_OK(status)) {
 			TALLOC_FREE(frame);
+                        errno = cli_status_to_errno(status);
                         return False;
                 }
 
                 /* Set the new attributes */
-                ret = NT_STATUS_IS_OK(cli_setattrE(srv->cli, fd,
-                                   change_time.tv_sec,
-                                   access_time.tv_sec,
-                                   write_time.tv_sec));
+		status = cli_setattrE(
+			srv->cli,
+			fd,
+			change_time.tv_sec,
+			access_time.tv_sec,
+			write_time.tv_sec);
 
                 /* Close the file */
                 cli_close(srv->cli, fd);
@@ -665,13 +665,13 @@ SMBC_setatr(SMBCCTX * context, SMBCSRV *srv, char *path,
                  * cli_setatr() for that, and with only this parameter, it
                  * seems to work on win98.
                  */
-                if (ret && attr != (uint16_t) -1) {
-                        ret = NT_STATUS_IS_OK(cli_setatr(srv->cli, path, (uint32_t)attr, 0));
+                if (NT_STATUS_IS_OK(status) && attr != (uint16_t) -1) {
+			status = cli_setatr(srv->cli, path, (uint32_t)attr, 0);
                 }
 
-                if (! ret) {
-                        errno = SMBC_errno(context, srv->cli);
+                if (!NT_STATUS_IS_OK(status)) {
 			TALLOC_FREE(frame);
+                        errno = cli_status_to_errno(status);
                         return False;
                 }
         }
diff --git a/source3/libsmb/libsmb_stat.c b/source3/libsmb/libsmb_stat.c
index 32c67b048c7..aa0b2dbe2b3 100644
--- a/source3/libsmb/libsmb_stat.c
+++ b/source3/libsmb/libsmb_stat.c
@@ -173,6 +173,7 @@ SMBC_stat_ctx(SMBCCTX *context,
 	char *workgroup = NULL;
 	char *path = NULL;
 	uint16_t port = 0;
+	NTSTATUS status;
 	TALLOC_CTX *frame = talloc_stackframe();
 
 	if (!context || !context->internal->initialized) {
@@ -221,9 +222,10 @@ SMBC_stat_ctx(SMBCCTX *context,
 		return -1;  /* errno set by SMBC_server */
 	}
 
-	if (!SMBC_getatr(context, srv, path, st)) {
-		errno = SMBC_errno(context, srv->cli);
+	status = SMBC_getatr(context, srv, path, st);
+	if (!NT_STATUS_IS_OK(status)) {
 		TALLOC_FREE(frame);
+		errno = cli_status_to_errno(status);
 		return -1;
 	}
 
diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c
index d66ea63617c..aed3b486a3d 100644
--- a/source3/libsmb/libsmb_xattr.c
+++ b/source3/libsmb/libsmb_xattr.c
@@ -552,6 +552,7 @@ dos_attr_query(SMBCCTX *context,
 {
 	struct stat sb = {0};
         struct DOS_ATTR_DESC *ret = NULL;
+	NTSTATUS status;
 
         ret = talloc(ctx, struct DOS_ATTR_DESC);
         if (!ret) {
@@ -560,10 +561,11 @@ dos_attr_query(SMBCCTX *context,
         }
 
         /* Obtain the DOS attributes */
-        if (!SMBC_getatr(context, srv, filename, &sb)) {
-                errno = SMBC_errno(context, srv->cli);
+	status = SMBC_getatr(context, srv, filename, &sb);
+	if (!NT_STATUS_IS_OK(status)) {
                 DEBUG(5, ("dos_attr_query Failed to query old attributes\n"));
 		TALLOC_FREE(ret);
+                errno = cli_status_to_errno(status);
                 return NULL;
         }
 
@@ -1151,13 +1153,15 @@ cacl_get(SMBCCTX *context,
 		off_t size = 0;
 		uint16_t mode = 0;
 		SMB_INO_T ino = 0;
+		NTSTATUS status;
 
                 /* Point to the portion after "system.dos_attr." */
                 name += 16;     /* if (all) this will be invalid but unused */
 
                 /* Obtain the DOS attributes */
-                if (!SMBC_getatr(context, srv, filename, &sb)) {
-                        errno = SMBC_errno(context, srv->cli);
+		status = SMBC_getatr(context, srv, filename, &sb);
+		if (!NT_STATUS_IS_OK(status)) {
+                        errno = cli_status_to_errno(status);
                         return -1;
                 }
 
diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index c52d29dc2fe..80c15bf2b58 100644
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -1326,7 +1326,7 @@ static NTSTATUS vfswrap_translate_name(struct vfs_handle_struct *handle,
 /**
  * Return allocated parent directory and basename of path
  *
- * Note: if requesting name, it is returned as talloc child of the
+ * Note: if requesting atname, it is returned as talloc child of the
  * parent. Freeing the parent is thus sufficient to free both.
  */
 static NTSTATUS vfswrap_parent_pathname(struct vfs_handle_struct *handle,
diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c
index 5b252d2bf64..a8b2a98b413 100644
--- a/source3/smbd/dosmode.c
+++ b/source3/smbd/dosmode.c
@@ -958,15 +958,15 @@ int file_set_dosmode(connection_struct *conn,
 		}
 		smb_fname->st.st_ex_mode = unixmode;
 		return 0;
-	} else {
-		/*
-		 * Only fall back to using UNIX modes if
-		 * we get NOT_IMPLEMENTED.
-		 */
-		if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
-			errno = map_errno_from_nt_status(status);
-			return -1;
-		}
+	}
+
+	/*
+	 * Only fall back to using UNIX modes if
+	 * we get NOT_IMPLEMENTED.
+	 */
+	if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
+		errno = map_errno_from_nt_status(status);
+		return -1;
 	}
 
 	/* Fall back to UNIX modes. */
diff --git a/source3/smbd/files.c b/source3/smbd/files.c
index 36d4497b3d8..4113779f963 100644
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -392,6 +392,7 @@ static int smb_fname_fsp_destructor(struct smb_filename *smb_fname)
  * fsp's as well.
  */
 static NTSTATUS open_pathref_base_fsp(const struct files_struct *dirfsp,
+				      struct smb_filename *smb_fname,
 				      struct files_struct *fsp)
 {
 	struct smb_filename *smb_fname_base = NULL;
@@ -399,11 +400,11 @@ static NTSTATUS open_pathref_base_fsp(const struct files_struct *dirfsp,
 	int ret;
 
 	smb_fname_base = synthetic_smb_fname(talloc_tos(),
-					     fsp->fsp_name->base_name,
+					     smb_fname->base_name,
 					     NULL,
 					     NULL,
-					     fsp->fsp_name->twrp,
-					     fsp->fsp_name->flags);
+					     smb_fname->twrp,
+					     smb_fname->flags);
 	if (smb_fname_base == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -498,7 +499,13 @@ NTSTATUS openat_pathref_fsp(const struct files_struct *dirfsp,
 	if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
 	    && is_ntfs_stream_smb_fname(fsp->fsp_name))
 	{
-		status = open_pathref_base_fsp(dirfsp, fsp);
+		/*
+		 * We must use smb_fname here, not fsp->fsp_name
+		 * as smb_fname is relative to dirfsp, whereas
+		 * fsp->fsp_name has been changed above to be
+		 * full_fname, relative to the base of the share.
+		 */
+		status = open_pathref_base_fsp(dirfsp, smb_fname, fsp);
 		if (!NT_STATUS_IS_OK(status)) {
 			goto fail;
 		}
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 6acc38c80f6..48d1faf2c6c 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -1057,7 +1057,9 @@ static NTSTATUS change_dir_owner_to_parent_fsp(struct files_struct *parent_fsp,
  file was created or not.
 ****************************************************************************/
 
-static NTSTATUS fd_open_atomic(files_struct *fsp,
+static NTSTATUS fd_open_atomic(struct files_struct *dirfsp,
+			       struct smb_filename *smb_fname,
+			       files_struct *fsp,
 			       int flags,
 			       mode_t mode,
 			       bool *file_created)
@@ -1071,7 +1073,7 @@ static NTSTATUS fd_open_atomic(files_struct *fsp,
 		/*
 		 * We're not creating the file, just pass through.
 		 */
-		status = fd_openat(fsp->conn->cwd_fsp, fsp->fsp_name, fsp, flags, mode);
+		status = fd_openat(dirfsp, smb_fname, fsp, flags, mode);
 		*file_created = false;
 		return status;
 	}
@@ -1080,7 +1082,7 @@ static NTSTATUS fd_open_atomic(files_struct *fsp,
 		/*
 		 * Fail if already exists, just pass through.
 		 */
-		status = fd_openat(fsp->conn->cwd_fsp, fsp->fsp_name, fsp, flags, mode);
+		status = fd_openat(dirfsp, smb_fname, fsp, flags, mode);
 
 		/*
 		 * Here we've opened with O_CREAT|O_EXCL. If that went
@@ -1120,7 +1122,7 @@ static NTSTATUS fd_open_atomic(files_struct *fsp,
 		retry_status = NT_STATUS_OBJECT_NAME_COLLISION;
 	}
 
-	status = fd_openat(fsp->conn->cwd_fsp, fsp->fsp_name, fsp, curr_flags, mode);
+	status = fd_openat(dirfsp, smb_fname, fsp, curr_flags, mode);
 	if (NT_STATUS_IS_OK(status)) {
 		*file_created = !file_existed;
 		return NT_STATUS_OK;
@@ -1139,7 +1141,7 @@ static NTSTATUS fd_open_atomic(files_struct *fsp,
 			curr_flags = flags | O_EXCL;
 		}
 
-		status = fd_openat(fsp->conn->cwd_fsp, fsp->fsp_name, fsp, curr_flags, mode);
+		status = fd_openat(dirfsp, smb_fname, fsp, curr_flags, mode);
 	}
 
 	*file_created = (NT_STATUS_IS_OK(status) && !file_existed);
@@ -1242,10 +1244,13 @@ static NTSTATUS reopen_from_fsp(struct files_struct *fsp,
 
 	fsp->fsp_flags.is_pathref = false;
 
-	status = fd_open_atomic(fsp,
-				flags,
-				mode,
-				p_file_created);


-- 
Samba Shared Repository



More information about the samba-cvs mailing list