[PATCH] Master fix for bug #9518 - conn->share_access appears not to be reset between users

Jeremy Allison jra at samba.org
Tue Jan 8 09:42:30 MST 2013


On Tue, Jan 08, 2013 at 10:38:40PM +1100, Andrew Bartlett wrote:
> 
> Jeremy,
> 
> I've got bad news, sorry.
> 
> source3/printing/nt_printing.c:get_correct_cversion() calls
> become_user_by_session() which uses UID_FIELD_INVALID.
> 
> This means that on sn-devel (but not on my Fedora system!) we segfault:
> /home/abartlet/samba-1/bin/smbd: #7  0x00002b8604c74f3e in check_user_ok
> (conn=0x1943890, vuid=0,
> /home/abartlet/samba-1/bin/smbd:     session_info=0x218a990, snum=15)
> at ../source3/smbd/uid.c:193
> /home/abartlet/samba-1/bin/smbd:         i = 0
> /home/abartlet/samba-1/bin/smbd:         readonly_share = false
> /home/abartlet/samba-1/bin/smbd:         admin_user = false
> /home/abartlet/samba-1/bin/smbd:         ent = 0x8
> /home/abartlet/samba-1/bin/smbd:         share_access = 0
> /home/abartlet/samba-1/bin/smbd:         status = {v = 39425808}
> /home/abartlet/samba-1/bin/smbd:         __FUNCTION__ = "check_user_ok"
> /home/abartlet/samba-1/bin/smbd: #8  0x00002b8604c75204 in
> change_to_user_internal (conn=0x1943890,
> /home/abartlet/samba-1/bin/smbd:     session_info=0x218a990, vuid=0)
> at ../source3/smbd/uid.c:274
> /home/abartlet/samba-1/bin/smbd:         snum = 15
> /home/abartlet/samba-1/bin/smbd:         gid = 0
> /home/abartlet/samba-1/bin/smbd:         uid = 4
> /home/abartlet/samba-1/bin/smbd:         group_c = 0 '\000'
> /home/abartlet/samba-1/bin/smbd:         num_groups = 0
> /home/abartlet/samba-1/bin/smbd:         group_list = 0x0
> /home/abartlet/samba-1/bin/smbd:         ok = false
> /home/abartlet/samba-1/bin/smbd:         __FUNCTION__ =
> "change_to_user_internal"
> /home/abartlet/samba-1/bin/smbd: #9  0x00002b8604c758ac in
> change_to_user_by_session (conn=0x1943890,
> /home/abartlet/samba-1/bin/smbd:     session_info=0x218a990)
> at ../source3/smbd/uid.c:390
> /home/abartlet/samba-1/bin/smbd:         __FUNCTION__ =
> "change_to_user_by_session"
> /home/abartlet/samba-1/bin/smbd: #10 0x00002b8604c75cb6 in
> become_user_by_session (conn=0x1943890,
> /home/abartlet/samba-1/bin/smbd:     session_info=0x218a990)
> at ../source3/smbd/uid.c:544
> /home/abartlet/samba-1/bin/smbd: No locals.
> /home/abartlet/samba-1/bin/smbd: #11 0x00002b8604bd61b1 in
> get_correct_cversion (session_info=0x218a990,
> /home/abartlet/samba-1/bin/smbd:     architecture=0x2b8604dffb51
> "W32X86",
> /home/abartlet/samba-1/bin/smbd:     driverpath_in=0x27f1f20
> "pscript5.dll", perr=0x7fff40a89600)
> /home/abartlet/samba-1/bin/smbd:
> at ../source3/printing/nt_printing.c:640
> /home/abartlet/samba-1/bin/smbd:         cversion = -1
> /home/abartlet/samba-1/bin/smbd:         nt_status = {v = 0}
> /home/abartlet/samba-1/bin/smbd:         smb_fname = 0x0
> /home/abartlet/samba-1/bin/smbd:         driverpath = 0x0
> /home/abartlet/samba-1/bin/smbd:         fsp = 0x0
> /home/abartlet/samba-1/bin/smbd:         conn = 0x1943890
> /home/abartlet/samba-1/bin/smbd:         oldcwd = 0x2910620 "/tmp"
> /home/abartlet/samba-1/bin/smbd:         printdollar = 0x1eba6c0 "print
> $"
> /home/abartlet/samba-1/bin/smbd:         printdollar_snum = 15
> /home/abartlet/samba-1/bin/smbd:         __FUNCTION__ =
> "get_correct_cversion"
> 
> This means we need to put back all the ugly UID_FIELD_INVALID stuff,
> because we don't want to be doing caches based on a 0 vuid (being the
> value the cache is initialised to).  (Or find a more elegant solution). 

Thanks for the update. I'll look into this for a fix ASAP.

I'd really rather not put back the UID_FIELD_INVALID code,
so let me see what I can come up with.

Cheers,

	Jeremy.

