mirror of https://github.com/samba-team/samba.git synced 2025-01-22 22:04:08 +03:00

smbd: Prevent creation of vetoed files

The problem is that when checking for vetoed names on the last path component in
openat_pathref_fsp_case_insensitive() we return
NT_STATUS_OBJECT_NAME_NOT_FOUND. Then in the caller
filename_convert_dirfsp_nosymlink() this is treated as the "file creation case"
causing filename_convert_dirfsp_nosymlink() to return NT_STATUS_OK.

In order to correctly distinguish between the cases

1) file doesn't exist, we may be creating it, return
2) a vetoed file

we need 2) to return a more specific error to
filename_convert_dirfsp_nosymlink(). I've chosen NT_STATUS_OBJECT_NAME_INVALID
which gets mapped to the appropriate error NT_STATUS_OBJECT_PATH_NOT_FOUND or
NT_STATUS_OBJECT_NAME_NOT_FOUND depending on which path component was vetoed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15143

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr  6 23:03:50 UTC 2023 on atb-devel-224

(cherry picked from commit 8b23a4a7eca9b8f80cc4113bb8cf9bb7bd5b4807)
Ralph Boehme 2023-04-05 11:03:52 +02:00 committed by Jule Anger
parent ad60260323
commit 72d3c4f679
2 changed files with 7 additions and 4 deletions


@ -1 +0,0 @@
^samba3.blackbox.test_veto_files.create_veto_file\(fileserver\)


@ -840,7 +840,7 @@ static NTSTATUS openat_pathref_fsp_case_insensitive(
if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
DBG_DEBUG("veto files rejecting last component %s\n",
smb_fname_str_dbg(smb_fname_rel));
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
return NT_STATUS_NETWORK_OPEN_RESTRICTION;
}
status = openat_pathref_fsp(dirfsp, smb_fname_rel);
@ -906,7 +906,7 @@ static NTSTATUS openat_pathref_fsp_case_insensitive(
DBG_DEBUG("veto files rejecting last component %s\n",
smb_fname_str_dbg(smb_fname_rel));
TALLOC_FREE(cache_key.data);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
return NT_STATUS_NETWORK_OPEN_RESTRICTION;
}
status = openat_pathref_fsp(dirfsp, smb_fname_rel);
@ -936,7 +936,7 @@ lookup:
if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
DBG_DEBUG("veto files rejecting last component %s\n",
smb_fname_str_dbg(smb_fname_rel));
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
return NT_STATUS_NETWORK_OPEN_RESTRICTION;
}
status = openat_pathref_fsp(dirfsp, smb_fname_rel);
@ -1341,6 +1341,10 @@ static NTSTATUS filename_convert_dirfsp_nosymlink(
goto done;
}
if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_OPEN_RESTRICTION)) {
/* A vetoed file, pretend it's not there */
status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
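Review bot: NT_STATUS_NETWORK_OPEN_RESTRICTION is used as a private sentinel between openat_pathref_fsp_case_insensitive() and filename_convert_dirfsp_nosymlink(), but nothing at the three `return NT_STATUS_NETWORK_OPEN_RESTRICTION;` sites or at the translation in the last hunk documents that contract, and the commit message still names NT_STATUS_OBJECT_NAME_INVALID as the chosen code. If any other caller forwarded this status untranslated, a client could tell a vetoed name apart from a missing one, which is what the `/* A vetoed file, pretend it's not there */` mapping is meant to hide. I would state the contract in the callee's header comment, for example `/* Returns NT_STATUS_NETWORK_OPEN_RESTRICTION when the last component is vetoed; callers must map it to a not-found status before replying. */`. Both functions begin and end outside the visible hunks, so whether other callers exist should be confirmed against the full file.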