[SCM] Samba Shared Repository - branch master updated
Ralph Böhme
slow at samba.org
Thu Jan 12 16:42:01 UTC 2023
The branch, master has been updated
via 425aaf6f7eb lib: Fix a use-after-free in "net vfs getntacl"
via d278fe4a847 lib: Fix out-of-bounds access in print_ace_flags()
via 3a458a8198e lib: Use talloc_asprintf_addbuf() in print_ace_flags()
via 6dcbea9e0fb build: Don't compile source3/lib/util_sd.c four times
from 98d84192a03 s3:utils:mdsearch go to cmdline_messaging_context_free
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 425aaf6f7ebecc33463f6ed2f39573e95a72bf55
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 12 12:00:26 2023 +0100
lib: Fix a use-after-free in "net vfs getntacl"
Don't hang "sd" off "fsp", which is free'ed before printing
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Jan 12 16:41:07 UTC 2023 on sn-devel-184
commit d278fe4a8478c1108b0f95daa99eb0a4e8fa787c
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 12 11:55:04 2023 +0100
lib: Fix out-of-bounds access in print_ace_flags()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 3a458a8198eef40e4e58a6dc10525409188d573f
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 12 11:51:50 2023 +0100
lib: Use talloc_asprintf_addbuf() in print_ace_flags()
Simplifies code.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 6dcbea9e0fb09f2d420b2424081bb20d459277fb
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 12 12:11:49 2023 +0100
build: Don't compile source3/lib/util_sd.c four times
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/lib/util_sd.c | 45 +++++++++++++------------------------------
source3/torture/wscript_build | 2 +-
source3/utils/net_vfs.c | 4 +++-
source3/utils/wscript_build | 8 +++++---
source3/wscript_build | 3 +++
5 files changed, 25 insertions(+), 37 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/util_sd.c b/source3/lib/util_sd.c
index a4288a46f3d..23f37b7e734 100644
--- a/source3/lib/util_sd.c
+++ b/source3/lib/util_sd.c
@@ -240,53 +240,34 @@ bool StringToSid(struct cli_state *cli, struct dom_sid *sid, const char *str)
static void print_ace_flags(FILE *f, uint8_t flags)
{
char *str = talloc_strdup(NULL, "");
-
- if (!str) {
- goto out;
- }
+ size_t len;
if (flags & SEC_ACE_FLAG_OBJECT_INHERIT) {
- str = talloc_asprintf(str, "%s%s",
- str, "OI|");
- if (!str) {
- goto out;
- }
+ talloc_asprintf_addbuf(&str, "OI|");
}
if (flags & SEC_ACE_FLAG_CONTAINER_INHERIT) {
- str = talloc_asprintf(str, "%s%s",
- str, "CI|");
- if (!str) {
- goto out;
- }
+ talloc_asprintf_addbuf(&str, "CI|");
}
if (flags & SEC_ACE_FLAG_NO_PROPAGATE_INHERIT) {
- str = talloc_asprintf(str, "%s%s",
- str, "NP|");
- if (!str) {
- goto out;
- }
+ talloc_asprintf_addbuf(&str, "NP|");
}
if (flags & SEC_ACE_FLAG_INHERIT_ONLY) {
- str = talloc_asprintf(str, "%s%s",
- str, "IO|");
- if (!str) {
- goto out;
- }
+ talloc_asprintf_addbuf(&str, "IO|");
}
if (flags & SEC_ACE_FLAG_INHERITED_ACE) {
- str = talloc_asprintf(str, "%s%s",
- str, "I|");
- if (!str) {
- goto out;
- }
+ talloc_asprintf_addbuf(&str, "I|");
}
+ if (str == NULL) {
+ goto out;
+ }
+
/* Ignore define SEC_ACE_FLAG_SUCCESSFUL_ACCESS ( 0x40 )
and SEC_ACE_FLAG_FAILED_ACCESS ( 0x80 ) as they're
audit ace flags. */
- if (str[strlen(str)-1] == '|') {
- str[strlen(str)-1] = '\0';
- fprintf(f, "/%s/", str);
+ len = strlen(str);
+ if (len > 0) {
+ fprintf(f, "/%.*s/", (int)len-1, str);
} else {
fprintf(f, "/0x%x/", flags);
}
diff --git a/source3/torture/wscript_build b/source3/torture/wscript_build
index e941829ab5f..18106aaf59a 100644
--- a/source3/torture/wscript_build
+++ b/source3/torture/wscript_build
@@ -58,7 +58,6 @@ bld.SAMBA3_BINARY('smbtorture' + bld.env.suffix3,
test_idmap_cache.c
test_hidenewfiles.c
test_readdir_timestamp.c
- ../lib/util_sd.c
''' + TORTURE3_ADDITIONAL_SOURCE,
deps='''
talloc
@@ -74,6 +73,7 @@ bld.SAMBA3_BINARY('smbtorture' + bld.env.suffix3,
IDMAP_TDB_COMMON
libcli_lsa3
samba-cluster-support
+ util_sd
''',
cflags='-DWINBINDD_SOCKET_DIR=\"%s\"' % bld.env.WINBINDD_SOCKET_DIR,
for_selftest=True)
diff --git a/source3/utils/net_vfs.c b/source3/utils/net_vfs.c
index 90822bf368c..0cdfc44b9b7 100644
--- a/source3/utils/net_vfs.c
+++ b/source3/utils/net_vfs.c
@@ -276,7 +276,7 @@ static int net_vfs_get_ntacl(struct net_context *net,
status = SMB_VFS_FGET_NT_ACL(fsp,
SECINFO_OWNER|SECINFO_GROUP|SECINFO_DACL,
- fsp,
+ talloc_tos(),
&sd);
if (!NT_STATUS_IS_OK(status)) {
DBG_ERR("SMB_VFS_FGET_NT_ACL [%s] failed: %s\n",
@@ -296,6 +296,8 @@ static int net_vfs_get_ntacl(struct net_context *net,
rc = 0;
done:
+ TALLOC_FREE(sd);
+
if (fsp != NULL) {
status = close_file_free(NULL, &fsp, NORMAL_CLOSE);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/utils/wscript_build b/source3/utils/wscript_build
index f5aa0af7eed..49f97af8c7c 100644
--- a/source3/utils/wscript_build
+++ b/source3/utils/wscript_build
@@ -75,12 +75,13 @@ bld.SAMBA3_BINARY('nmblookup',
LIBNMB''')
bld.SAMBA3_BINARY('smbcacls',
- source='smbcacls.c ../lib/util_sd.c',
+ source='smbcacls.c',
deps='''
talloc
CMDLINE_S3
msrpc3
libcli_lsa3
+ util_sd
krb5samba''')
bld.SAMBA3_BINARY('smbcquotas',
@@ -102,13 +103,14 @@ bld.SAMBA3_BINARY('eventlogadm',
install_path='${SBINDIR}')
bld.SAMBA3_BINARY('sharesec',
- source='sharesec.c ../lib/util_sd.c',
+ source='sharesec.c',
deps='''
talloc
msrpc3
libcli_lsa3
CMDLINE_S3
cmdline_contexts
+ util_sd
''')
bld.SAMBA3_BINARY('log2pcap',
@@ -240,7 +242,6 @@ bld.SAMBA3_BINARY('net',
../registry/reg_format.c
../registry/reg_import.c
net_registry_util.c
- ../lib/util_sd.c
net_help_common.c''',
deps='''
talloc
@@ -285,6 +286,7 @@ bld.SAMBA3_BINARY('net',
common_auth
ADOUBLE
DNS_UTIL
+ util_sd
''')
bld.SAMBA3_BINARY('mvxattr',
diff --git a/source3/wscript_build b/source3/wscript_build
index 97c6b5c17fc..4042d8e9c8d 100644
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -1127,6 +1127,9 @@ bld.SAMBA3_SUBSYSTEM('TDB_VALIDATE',
source='lib/tdb_validate.c',
deps='samba-util')
+bld.SAMBA3_SUBSYSTEM('util_sd',
+ deps='smbclient',
+ source='lib/util_sd.c')
bld.SAMBA3_BINARY('client/smbclient',
source='''
--
Samba Shared Repository
More information about the samba-cvs
mailing list