1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

VFS: nfs4acl_xattr: Ensure nfs4acl_get_blob() always gets a valid fsp pointer.

This means adding a synthetic_pathref() call into the
nfs4acl_xattr version of SMB_VFS_GET_NT_ACL_AT() which
is the pathname-based ACL fetch call.

One place where this (smb_fname->fsp == NULL)
can happen is from open when checking parent
directory ACL - check_parent_access() currently
isn't always passed a smb_fname with a valid
fsp and check_parent_access() currently doesn't
open a pathref smb_fname->fsp itself (eventually
it should be passed in a pathref from the caller).

There are also a few other places inside smbd
that call smbd_check_access_rights() also without
a pathref fsp.

This check should be moved into the
callers inside smbd to ensure that smb_fname->fsp
is always valid here, and in a later patchset (not
part of this set) I will do just that.

Ultimately it may be possible to remove
pathname based SMB_VFS_GET_NT_ACL_AT(), this
requires further investigation.

But until then, we need this change.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Jeremy Allison 2021-04-01 13:16:34 -07:00 committed by Ralph Boehme
parent d590d9130e
commit 9f80f787e0

View File

@ -272,15 +272,73 @@ static NTSTATUS nfs4acl_xattr_get_nt_acl_at(struct vfs_handle_struct *handle,
struct SMB4ACL_T *smb4acl = NULL;
TALLOC_CTX *frame = talloc_stackframe();
DATA_BLOB blob;
struct smb_filename *pathref = NULL;
NTSTATUS status;
SMB_ASSERT(dirfsp == handle->conn->cwd_fsp);
status = nfs4acl_get_blob(handle, NULL, smb_fname, frame, &blob);
if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
/*
* FIXME. One place where this (smb_fname->fsp == NULL)
* can happen is from open when checking parent
* directory ACL - check_parent_access() currently
* isn't always passed a smb_fname with a valid
* fsp and check_parent_access() currently doesn't
* open a pathref smb_fname->fsp itself (eventually
* it should be passed in a pathref from the caller).
*
* There are also a few other places inside smbd
* that call smbd_check_access_rights() also without
* a pathref fsp.
*
* This check should be moved into the
* callers inside smbd to ensure that smb_fname->fsp
* is always valid here, and in a later patchset
* I will do just that. -- jra.
*
* Ultimately it may be possible to remove
* pathname based SMB_VFS_GET_NT_ACL_AT(), this
* requires further investigation.
*/
if (smb_fname->fsp == NULL) {
DBG_DEBUG("FIXME: file %s doesn't have a pathref fsp\n",
smb_fname_str_dbg(smb_fname));
status = synthetic_pathref(frame,
dirfsp,
smb_fname->base_name,
NULL,
NULL,
smb_fname->twrp,
smb_fname->flags,
&pathref);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(frame);
return status;
}
smb_fname = pathref;
}
if (fsp_get_pathref_fd(smb_fname->fsp) == -1) {
/*
* This is a POSIX open on a symlink.
* Return not found to catch the
* special casing in open_file().
*/
DBG_DEBUG("file %s pathref fd == -1\n",
smb_fname_str_dbg(smb_fname));
TALLOC_FREE(frame);
return nfs4acl_xattr_default_sd(
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
status = nfs4acl_get_blob(handle,
smb_fname->fsp,
smb_fname,
frame,
&blob);
if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
status = nfs4acl_xattr_default_sd(
handle, smb_fname, mem_ctx, sd);
TALLOC_FREE(frame);
return status;
}
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(frame);