[PATCH] Prevent the overwriting of global errno in set file info code path.

Surbhi Palande Surbhi.Palande at canonical.com
Thu Mar 18 12:47:29 MDT 2010 

Hi Jeremy,

On Wed, 2010-03-17 at 10:58 -0700, Jeremy Allison wrote:
> On Wed, Mar 17, 2010 at 10:34:51AM +0200, Surbhi Palande wrote:
> > 
> > Thats correct. I did a saving of the errno in the
> > posixacl_sys_acl_set_file() as a safety check, since our intention is to
> > have the errno from the acl_set_file(). Normally speaking this should
> > not get overwritten at this point. The actual overwriting of errno is
> > done by the call to SMB_VFS_SYS_ACL_FREE_ACL() (called from
> > set_unix_posix_default_acl)
> 
> Can you explain this clearer please ? I don't understand.
> What is the exact case where errno gets overwritten ?
> 
> > The -EINVAL setting/overwriting takes place by the call to
> > SMB_VFS_SYS_ACL_FREE_ACL() (which does a free of an acl entry which is
> > already freed by acl_free() called previously). 
> 
> Again, I don't understand this. I presume you're talking about
> this code:
> 
>         if (SMB_VFS_SYS_ACL_SET_FILE(conn, fname, SMB_ACL_TYPE_DEFAULT, def_acl) == -1) {
>                 DEBUG(5,("set_unix_posix_default_acl: acl_set_file failed on directory %s (%s)\n",
>                         fname, strerror(errno) ));
>                 SMB_VFS_SYS_ACL_FREE_ACL(conn, def_acl);
>                 return False;
>         }
> 
> Under what circumstances has def_acl already been freed ?
> I really need to understand your issue completely before
> correcting this code.

Ya! I looked at this once again. You are right. The error number
is NOT getting overwritten. I looked at the free_acl() and the
allocation of entry code carefully.

Please do ignore this patch. I wonder how the patch worked for me!! 

I did find out the real problem though.

source3/lib/errmap_unix.c::map_nt_error_from_unix() gets called due to
error in set_unix_posix_acl(). The errno set is: "ENOTSUP"

There is no mapping of the Unix error "ENOTSUP" to NT error.
Adding this mapping, removes the error. When no mapping is found
map_nt_error_from_unix() returns  NT_STATUS_ACCESS_DENIED.

(It was a bad coincidence of -EINVAL translating to
NT_STATUS_ACCESS_DENIED - indeed sorry for this!)


Warm Regards,
Surbhi.

More information about the samba-technical mailing list