bug in smbcacls
Herb Lewis
hlewis at panasas.com
Thu Feb 4 18:16:21 UTC 2016
The following diff is against master. I also added a suggested change to
allow
the word None for flags as well.
--- a/source3/lib/util_sd.c
+++ b/source3/lib/util_sd.c
@@ -356,7 +356,13 @@ static bool parse_ace_flags(const char *str,
unsigned int *pflags)
*pflags = 0;
while (*p) {
- if (strnequal(p, "OI", 2)) {
+ if (strnequal(p, "None", 2)) {
+ p += 4;
+ if (*p != '\0') {
+ return false;
+ }
+ return true;
+ } else if (strnequal(p, "OI", 2)) {
*pflags |= SEC_ACE_FLAG_OBJECT_INHERIT;
p += 2;
} else if (strnequal(p, "CI", 2)) {
@@ -420,7 +426,7 @@ bool parse_ace(struct cli_state *cli, struct
security_ace *ace,
p++;
/* Try to parse numeric form */
- if (sscanf(p, "%u/%u/%u", &atype, &aflags, &amask) == 3 &&
+ if (sscanf(p, "%i/%i/%i", &atype, &aflags, &amask) == 3 &&
StringToSid(cli, &sid, str)) {
goto done;
}
On 02/04/2016 09:47 AM, Christof Schmitt wrote:
> On Thu, Feb 04, 2016 at 09:31:37AM -0800, Herb Lewis wrote:
>> In source3/lib/util_sd.c function parse_ace there is the following
>> line that I think is incorrect
>>
>> if (sscanf(p, "%u/%u/%u", &atype, &aflags, &amask) == 3 &&
>>
>> in the old samba 3.6 code it used to read
>>
>> if (sscanf(p, "%i/%i/%i", &atype, &aflags, &amask) == 3 &&
>>
>> and according to the man page for sscanf the %u is only for decimal
>> integers while %i also checks for base 16 and base 8 as well. Was there
>> a reason this was changed so that hex numbers are no longer allowed?
> util_sd.c is the result of using common code between smbcacls and
> sharesec. There is no reason why we would disallow base 16 and base 8; i
> probably just missed that part. Feel free to send a patch, or i can
> address this when i have a minute.
>
> Christof
More information about the samba-technical
mailing list