sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-11 16:58:40 +03:00
Code

s3: smbd: Fix incorrect logic exposed by fix for the security bug 12496 (CVE-2017-2619).

Browse Source 
In a UNIX filesystem, the names "." and ".." by definition can *never*
be symlinks - they are already reserved names.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12721

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit ae17bebd250bdde5614b2ac17e53512f19fe9b68)
This commit is contained in:
Jeremy Allison 2017-03-27 10:46:47 -07:00 committed by Karolin Seeger
parent 2e00feb278
commit 4a6d828e8f
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
source3/smbd/vfs.c
View File

@ -1277,8 +1277,11 @@ NTSTATUS check_reduced_name(connection_struct *conn, const char *fname)
/* fname can't have changed in resolved_path. */
const char *p = &resolved_name[rootdir_len];
/* *p can be '\0' if fname was "." */
if (*p == '\0' && ISDOT(fname)) {
/*
* UNIX filesystem semantics, names consisting
* only of "." or ".." CANNOT be symlinks.
*/
if (ISDOT(fname) || ISDOTDOT(fname)) {
goto out;
}