IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
These flags provide insert-new and overwrite-existing record semantics
respectively.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Jun 9 21:07:24 UTC 2020 on sn-devel-184
NSS_BUFLEN_PASSWD is not defined on FreeBSD. Use
sysconf(_SC_GETPW_R_SIZE_MAX) instead, as per POSIX.
Use a dynamically allocated buffer instead of trying to cram all of
the logic into the declarations. This will come in useful later
anyway.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
It appears that snprintf(3) is being used for input validation.
However, this seems like overkill because it causes szPath to be
copied an extra time. The mostly likely protections being sought
here, according to https://cwe.mitre.org/data/definitions/20.html,
look to be DoS attacks involving CPU and memory usage. A simpler
check that uses strnlen(3) can mitigate against both of these and is
simpler.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ubuntu (in particular) restricts ptrace by default for security reasons
but the processe to be traced can allow tracing by a child process
using prctl(). This matches what is done for panic action =
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
We don't pass a tevent_req but a tevent_context to the _send function
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue May 19 12:07:42 UTC 2020 on sn-devel-184
Post checks for overflow/error.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon May 18 23:42:57 UTC 2020 on sn-devel-184
Directly pass the database name and lock order to the core functions,
avoid passing struct db_context.
In the next steps these functions will become public: locking.tdb will
be based on g_lock.c to avoid holding a tdb-level locking.tdb mutex
while doing complex file system operations like unlink() which can
take ages on FAT for example.
This means that g_lock.c will participate in the dbwrap lock order
protection and needs access to dbwrap_lock_order_[un]lock() without
providing a direct db_context.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: awalker <awalker@ixsystems.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed May 13 17:34:43 UTC 2020 on sn-devel-184
A pwrite wrapper that will deal with EINTR and never return a short
write unless the file system returns an error. Copes with the
unspecified edge condition of pwrite returning zero by changing
the return to -1, errno = ENOSPC.
Thread-safe so may be used as a replacement for pwrite
inside pwrite_do() thread functions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
A pread wrapper that will deal with EINTR and never return a short
read unless pread returns zero meaning EOF.
Thread-safe so may be used as a replacement for pread
inside pread_do() thread functions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This implements the contraints of
[MS-FSA] 2.1.5.2 Server Requests a Read.
The special handling of [MS-FSA] 2.1.5.3 Server Requests a Write
with offset < 0, should be handled by higher layers!
Which means the check can also be used for writes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Limit the number of nested conditionals allowed by ldb_parse tree to
128, to avoid potential stack overflow issues.
Credit Oss-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19508
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Sun May 10 23:21:08 UTC 2020 on sn-devel-184
If the ASN.1 depth is zero in asn1_end_tag, call smb_panic. Rather than
ignoring the condition.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is also used as part of 'ethtool -n rdma14' and
'ethtool -x rdma14'.
;#> ethtool -n rdma14
8 RX rings available
rxclass: Cannot get RX class rule count: Operation not supported
RX classification rule retrieval failed
;#> ethtool -x rdma14
RX flow hash indirection table for rdma14 with 8 RX ring(s):
0: 0 1 2 3 4 5 6 7
8: 0 1 2 3 4 5 6 7
RSS hash key:
Operation not supported
RSS hash function:
toeplitz: on
xor: off
crc32: off
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
I'm not sure if struct initializers would take care of padding,
so I use ZERO_STRUCT().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14345
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Amit Kumar <amitkuma@redhat.com>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu May 7 10:38:29 UTC 2020 on sn-devel-184
Replace DEBUG(0 with DBG_ERR(
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Wed May 6 22:53:02 UTC 2020 on sn-devel-184
One millisecond seems not enough on slow machines, make the timeout 10 msec
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed May 6 11:58:42 UTC 2020 on sn-devel-184
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue May 5 11:24:52 UTC 2020 on sn-devel-184
We want to keep going down the module stack, and not start from the top again.
ASQ is above the ACL modules, but below paged_results and we do not wish to
re-trigger that work.
Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Check the search request lengths against the limits passed to
ldap_decode.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon May 4 04:40:10 UTC 2020 on sn-devel-184
Add search request size limits to ldap_decode calls.
The ldap server uses the smb.conf variable
"ldap max search request size" which defaults to 250Kb.
For cldap the limit is hard coded as 4096.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
I just came across this failure with a new test:
==16654== Invalid read of size 4
==16654== at 0x4950947: tevent_req_is_in_progress (tevent_req.c:270)
==16654== by 0x5AEEE8F: writev_trigger (async_sock.c:375)
==16654== by 0x494F9E7: tevent_queue_immediate_trigger (tevent_queue.c:149)
==16654== by 0x494F53C: tevent_common_invoke_immediate_handler (tevent_immediate.c:166)
==16654== by 0x494F642: tevent_common_loop_immediate (tevent_immediate.c:203)
==16654== by 0x4959E5E: epoll_event_loop_once (tevent_epoll.c:918)
==16654== by 0x495665A: std_event_loop_once (tevent_standard.c:110)
==16654== by 0x494DFCE: _tevent_loop_once (tevent.c:772)
==16654== by 0x4950A6A: tevent_req_poll (tevent_req.c:300)
==16654== by 0x4D166C9: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==16654== by 0x18C98B: run_readdir_timestamp (test_readdir_timestamp.c:489)
==16654== by 0x161BC5: run_test (torture.c:14896)
==16654== by 0x162726: main (torture.c:15136)
==16654== Address 0x91bb878 is 216 bytes inside a block of size 853 free'd
==16654== at 0x48369AB: free (vg_replace_malloc.c:530)
==16654== by 0x49B405E: _tc_free_internal (talloc.c:1221)
==16654== by 0x49B4116: _talloc_free_internal (talloc.c:1247)
==16654== by 0x49B547C: _talloc_free (talloc.c:1789)
==16654== by 0x50ECE3B: smb2cli_req_writev_done (smbXcli_base.c:3468)
==16654== by 0x4950648: _tevent_req_notify_callback (tevent_req.c:141)
==16654== by 0x49507A9: tevent_req_finish (tevent_req.c:193)
==16654== by 0x49507D6: _tevent_req_done (tevent_req.c:199)
==16654== by 0x5AEEE28: writev_do (async_sock.c:363)
==16654== by 0x5AEEE83: writev_trigger (async_sock.c:374)
==16654== by 0x494F9E7: tevent_queue_immediate_trigger (tevent_queue.c:149)
==16654== by 0x494F53C: tevent_common_invoke_immediate_handler (tevent_immediate.c:166)
==16654== by 0x494F642: tevent_common_loop_immediate (tevent_immediate.c:203)
==16654== by 0x4959E5E: epoll_event_loop_once (tevent_epoll.c:918)
==16654== by 0x495665A: std_event_loop_once (tevent_standard.c:110)
==16654== by 0x494DFCE: _tevent_loop_once (tevent.c:772)
==16654== by 0x4950A6A: tevent_req_poll (tevent_req.c:300)
==16654== by 0x4D166C9: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==16654== by 0x18C98B: run_readdir_timestamp (test_readdir_timestamp.c:489)
==16654== by 0x161BC5: run_test (torture.c:14896)
==16654== by 0x162726: main (torture.c:15136)
==16654== Block was alloc'd at
==16654== at 0x483577F: malloc (vg_replace_malloc.c:299)
==16654== by 0x49B300F: __talloc_with_prefix (talloc.c:782)
==16654== by 0x49B31E6: _talloc_pool (talloc.c:837)
==16654== by 0x49B3394: _talloc_pooled_object (talloc.c:905)
==16654== by 0x49501A6: _tevent_req_create (tevent_req.c:79)
==16654== by 0x5AEE956: writev_send (async_sock.c:266)
==16654== by 0x50ECBCA: smb2cli_req_compound_submit (smbXcli_base.c:3396)
==16654== by 0x50ECD49: smb2cli_req_send (smbXcli_base.c:3447)
==16654== by 0x50FE34F: smb2cli_create_send (smb2cli_create.c:153)
==16654== by 0x490325E: cli_smb2_create_fnum_send (cli_smb2_fnum.c:273)
==16654== by 0x48D0146: cli_ntcreate_send (clifile.c:2504)
==16654== by 0x18B737: create_ts_send (test_readdir_timestamp.c:59)
==16654== by 0x18BF77: create_ts_files_send (test_readdir_timestamp.c:253)
==16654== by 0x18C35C: create_files_send (test_readdir_timestamp.c:336)
==16654== by 0x18C953: run_readdir_timestamp (test_readdir_timestamp.c:482)
==16654== by 0x161BC5: run_test (torture.c:14896)
==16654== by 0x162726: main (torture.c:15136)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 23 21:53:38 UTC 2020 on sn-devel-184
Initilalise "stale" to zero before passing a pointer to it to
mdb_reader_check.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Apr 7 12:29:00 UTC 2020 on sn-devel-184
In use process failures and Bind9 shut downs leave stale entries in the
lmdb reader table. This can result in lmdb filling it's database file, as
the free list can not be reclaimed due to the stale reader.
In this fix we call mdb_reader_check at the start of each transaction,
to free any stale readers. As the default maximum number of readers is
127, this should not impact on performance to any great extent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14330
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 31 01:26:07 UTC 2020 on sn-devel-184
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Mar 26 16:22:00 UTC 2020 on sn-devel-184
Every time I have to remove an element from within an array I have to
scratch my head about the memmove arguments. Make this easier to use.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
