[PATCH v2] Fix bug 10775 - smbd crashes when accessing garbage filenames
David Disseldorp
ddiss at suse.de
Mon Sep 1 06:06:51 MDT 2014
On Fri, 29 Aug 2014 10:01:51 -0700, Jeremy Allison wrote:
> On Fri, Aug 29, 2014 at 04:47:29PM +0200, David Disseldorp wrote:
...
> > I think I'd prefer to keep the explicit out_of_space
> > parameter, rather than audit all return paths for potential
> > STATUS_MORE_ENTRIES values.
>
> STATUS_MORE_ENTRIES has a long and established history
> of being used in this way - from the description of the
> error return:
>
> "Returned by enumeration APIs to indicate more information is available to successive calls."
Thanks, that's pretty clearly worded :)
My main concern would still be accidentally returning it up the stack
from map_nt_error_from_unix_common(), but it looks like that's mostly
addressed with the filter that you added.
...
> Updated patch for your review attached !
The first two patches look good, but I'm still looking at the rest.
One issue I still have with the push_string_base() errno trap is that
it doesn't appear to catch errors in the push_ascii()->strupper_m()
error path.
strupper_m() returns false without setting errno, which is then returned
as 0 from push_ascii(), which would have previously flagged an error to
callers.
Cheers, David
More information about the samba-technical
mailing list