sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-07 17:18:11 +03:00
Code

CVE-2017-2619: s3: smbd: Use the new non_widelink_open() function.

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
This commit is contained in:
Jeremy Allison 2016-12-15 13:06:31 -08:00 committed by Karolin Seeger
parent a69b3e285a
commit 9746c7e15a
1 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
source3/smbd/open.c
View File

@ -634,7 +634,28 @@ NTSTATUS fd_open(struct connection_struct *conn,
flags |= O_NOFOLLOW;
}
fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
/* Ensure path is below share definition. */
if (!lp_widelinks(SNUM(conn))) {
const char *conn_rootdir = SMB_VFS_CONNECTPATH(conn,
smb_fname->base_name);
if (conn_rootdir == NULL) {
return NT_STATUS_NO_MEMORY;
}
/*
* Only follow symlinks within a share
* definition.
*/
fsp->fh->fd = non_widelink_open(conn,
conn_rootdir,
fsp,
smb_fname,
flags,
mode,
0);
} else {
fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
}
if (fsp->fh->fd == -1) {
int posix_errno = link_errno_convert(errno);
status = map_nt_error_from_unix(posix_errno);