sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Code

s3: smbd: Add IS_VETO_PATH checks to openat_pathref_fsp_case_insensitive().

Browse Source 
Returns NT_STATUS_OBJECT_NAME_NOT_FOUND for final component.

Note we have to call the check before each call to
openat_pathref_fsp(), as each call may be using a
different filesystem name. The first name is the
one passed into openat_pathref_fsp_case_insensitive()
by the caller, the second one is a name retrieved from
get_real_filename_cache_key(), and the third one is the name
retrieved from get_real_filename_at(). The last two
calls may have demangled the client given name into
a veto'ed path on the filesystem.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15143

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug 16 08:26:54 UTC 2022 on sn-devel-184
This commit is contained in:
Jeremy Allison 2022-08-11 10:03:58 -07:00 committed by Stefan Metzmacher
parent 1c29306020
commit 1654eae11b
2 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
selftest/knownfail.d/veto_files
View File

@ -1 +0,0 @@
^samba3.blackbox.test_veto_files.get_veto_file\(fileserver\)

20
source3/smbd/filename.c
View File

@ -836,6 +836,13 @@ static NTSTATUS openat_pathref_fsp_case_insensitive(
SET_STAT_INVALID(smb_fname_rel->st);
/* Check veto files - only looks at last component. */
if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
DBG_DEBUG("veto files rejecting last component %s\n",
smb_fname_str_dbg(smb_fname_rel));
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
status = openat_pathref_fsp(dirfsp, smb_fname_rel);
if (NT_STATUS_IS_OK(status)) {
@ -895,6 +902,13 @@ static NTSTATUS openat_pathref_fsp_case_insensitive(
return NT_STATUS_NO_MEMORY;
}
if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
DBG_DEBUG("veto files rejecting last component %s\n",
smb_fname_str_dbg(smb_fname_rel));
TALLOC_FREE(cache_key.data);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
status = openat_pathref_fsp(dirfsp, smb_fname_rel);
if (NT_STATUS_IS_OK(status)) {
TALLOC_FREE(cache_key.data);
@ -919,6 +933,12 @@ lookup:
TALLOC_FREE(smb_fname_rel->base_name);
smb_fname_rel->base_name = found_name;
if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
DBG_DEBUG("veto files rejecting last component %s\n",
smb_fname_str_dbg(smb_fname_rel));
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
status = openat_pathref_fsp(dirfsp, smb_fname_rel);
}