sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-22 22:04:08 +03:00
Code

CVE-2019-10197: test_smbclient_s3.sh: add regression test for the no permission on share root problem

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Stefan Metzmacher 2019-07-16 15:40:38 +02:00 committed by Karolin Seeger
parent 1305693dba
commit c98528753f
3 changed files with 43 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
selftest/knownfail.d/CVE-2019-10197 Normal file
View File

@ -0,0 +1 @@
^samba3.blackbox.smbclient_s3.*.noperm.share.regression

12
selftest/target/Samba3.pm
View File

@ -1450,6 +1450,9 @@ sub provision($$$$$$$$$)
my $ro_shrdir="$shrdir/root-tmp"; my $ro_shrdir="$shrdir/root-tmp";
push(@dirs,$ro_shrdir); push(@dirs,$ro_shrdir);
my $noperm_shrdir="$shrdir/noperm-tmp";
push(@dirs,$noperm_shrdir);
my $msdfs_shrdir="$shrdir/msdfsshare"; my $msdfs_shrdir="$shrdir/msdfsshare";
push(@dirs,$msdfs_shrdir); push(@dirs,$msdfs_shrdir);
@ -1520,6 +1523,11 @@ sub provision($$$$$$$$$)
chmod 0755, $piddir; chmod 0755, $piddir;
##
## Create a directory without permissions to enter
##
chmod 0000, $noperm_shrdir;
## ##
## create ro and msdfs share layout ## create ro and msdfs share layout
## ##
@ -1828,6 +1836,10 @@ sub provision($$$$$$$$$)
[ro-tmp] [ro-tmp]
path = $ro_shrdir path = $ro_shrdir
guest ok = yes guest ok = yes
[noperm]
path = $noperm_shrdir
wide links = yes
guest ok = yes
[write-list-tmp] [write-list-tmp]
path = $shrdir path = $shrdir
read only = yes read only = yes

30
source3/script/tests/test_smbclient_s3.sh
View File

@ -1329,6 +1329,32 @@ EOF
fi fi
} }
#
# Regression test for CVE-2019-10197
# we should always get ACCESS_DENIED
#
test_noperm_share_regression()
{
cmd='$SMBCLIENT -U$USERNAME%$PASSWORD //$SERVER/noperm -I $SERVER_IP $LOCAL_ADDARGS -c "ls;ls" 2>&1'
eval echo "$cmd"
out=`eval $cmd`
ret=$?
if [ $ret -eq 0 ] ; then
echo "$out"
echo "failed accessing no perm share should not work"
return 1
fi
num=`echo "$out" | grep 'NT_STATUS_ACCESS_DENIED' | wc -l`
if [ "$num" -ne "2" ] ; then
echo "$out"
echo "failed num[$num] - two NT_STATUS_ACCESS_DENIED lines expected"
return 1
fi
return 0
}
# Test smbclient deltree command # Test smbclient deltree command
test_deltree() test_deltree()
{ {
@ -1857,6 +1883,10 @@ testit "follow local symlinks" \
test_local_symlinks || \ test_local_symlinks || \
failed=`expr $failed + 1` failed=`expr $failed + 1`
testit "noperm share regression" \
test_noperm_share_regression || \
failed=`expr $failed + 1`
testit "smbclient deltree command" \ testit "smbclient deltree command" \
test_deltree || \ test_deltree || \
failed=`expr $failed + 1` failed=`expr $failed + 1`