1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

CVE-2017-2619: s3: smbd: Use the new non_widelink_open() function.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Mar 23 22:55:04 CET 2017 on sn-devel-144
This commit is contained in:
Jeremy Allison 2016-12-15 13:06:31 -08:00 committed by Karolin Seeger
parent 4301505d97
commit 294a1a8374

View File

@ -647,7 +647,28 @@ NTSTATUS fd_open(struct connection_struct *conn,
flags |= O_NOFOLLOW;
}
fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
/* Ensure path is below share definition. */
if (!lp_widelinks(SNUM(conn))) {
const char *conn_rootdir = SMB_VFS_CONNECTPATH(conn,
smb_fname->base_name);
if (conn_rootdir == NULL) {
return NT_STATUS_NO_MEMORY;
}
/*
* Only follow symlinks within a share
* definition.
*/
fsp->fh->fd = non_widelink_open(conn,
conn_rootdir,
fsp,
smb_fname,
flags,
mode,
0);
} else {
fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
}
if (fsp->fh->fd == -1) {
int posix_errno = link_errno_convert(errno);
status = map_nt_error_from_unix(posix_errno);