sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-10 12:58:35 +03:00
Code

CVE-2015-7560: s3: smbd: Refuse to get a POSIX ACL on a symlink.

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11648

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This commit is contained in:
Jeremy Allison 2016-01-05 11:24:36 -08:00 committed by Karolin Seeger
parent af2e4763bf
commit 3f59769ffe
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
source3/smbd/trans2.c
View File

@ -5338,6 +5338,13 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn,
uint16_t num_file_acls = 0;
uint16_t num_def_acls = 0;
status = refuse_symlink(conn,
fsp,
smb_fname->base_name);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (fsp && fsp->fh->fd != -1) {
file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp,
talloc_tos());