1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/source3
Michael Adam ada59ec7b3 s3:smbd: fix a corner case of the symlink verification
Commit 7606c0db25 fixes the
path checks in check_reduced_name[_with_privilege]() to
prevent unintended access via wide links.

The fix fails to correctly treat a corner case where the share
path is "/". This case is important for some real world
scenarios, notably the use of the glusterfs VFS module:

For the share path "/", the newly introduced checks deny all
operations in the share.

This change fixes the checks for the corner case.
The point is that the assumptions on which the original
checks are based are not true for the rootdir "/" case.
This is the case where the rootdir starts _and ends_ with
a slash. Hence a subdirectory does not continue with a
slash after the rootdir, since the candidate path has
been normalized.

This fix just omits the string comparison and the
next character checks in the case of rootdir "/",
which is correct because we know that the candidate
path is normalized and hence starts with a '/'.

The patch is fairly minimal, but changes indentation,
hence best viewed with 'git show -w'.

A side effect is that the rootdir="/" case needs
one strncmp less.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11647

Pair-Programmed-With: Jose A. Rivera <jarrpa@samba.org>

Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Jose A. Rivera <jarrpa@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Dec 24 00:57:31 CET 2015 on sn-devel-144
2015-12-24 00:57:31 +01:00
..
auth auth: consistent handling of well-known alias as primary gid 2015-11-19 20:17:23 +01:00
build waf: improve iconv checks 2014-01-03 05:04:44 +01:00
client clitar: cope with functions of older versions of libarchive 2015-12-03 16:09:08 +01:00
exports
groupdb Convert all uses of uint32/16/8 to _t in source3/groupdb. 2015-05-14 19:29:19 +02:00
include s3: smbd: VFS change. Add new field bool posix_pathnames into struct smb_request. 2015-12-23 18:23:17 +01:00
intl lang_tdb: don't leak lock_path or data_path onto talloc tos 2014-11-03 23:46:05 +01:00
lib s3: fix encryption help messages 2015-12-22 02:22:50 +01:00
libads libads: Remove "foreign" from ads_struct 2015-12-18 05:24:25 +01:00
libgpo gpo: don't leak cache_path onto talloc tos 2014-10-06 19:18:05 +02:00
libnet repl: Give an error if we get a secret when not expecting one 2015-10-26 05:11:21 +01:00
librpc gss: samba member server returns incorrect error code with some versions of krb5 2015-11-12 01:44:08 +01:00
libsmb s3: libsmb: Correctly initialize the list head when keeping a list of primary followed by DFS connections. 2015-12-18 01:02:55 +01:00
locale s3: fix encryption help messages 2015-12-22 02:22:50 +01:00
locking s3:smbd: convert file_struct.posix_open to a bitmap with flags 2015-12-01 20:45:20 +01:00
modules vfs_fruit: ignore delete on the AFP_Resource stream 2015-12-21 23:21:18 +01:00
nmbd fix uninitialised read in process_host_announce 2015-11-05 21:12:10 +01:00
param s3:smbd: convert file_struct.posix_open to a bitmap with flags 2015-12-01 20:45:20 +01:00
passdb passdb: Change ABI version to 0.24.2 2015-11-30 03:49:25 +01:00
printing lib: Move sys_rw* to lib/util 2015-10-13 01:23:07 +02:00
profile smbprofile: Add dst pid to smbprofile_cleanup 2015-11-16 14:51:33 +01:00
registry Fix various spelling errors 2015-11-06 13:43:45 +01:00
rpc_client source3/rpc_client: Fix CID 1273041 Condition is redundant 2015-08-07 01:31:23 +02:00
rpc_server s3: smbd: Remove lp_posix_pathnames() checks on paths sent in via old Win9X RPC calls. 2015-12-23 18:23:17 +01:00
rpcclient s3: rpcclient: Prevent null ptr access by returning error if no creds available 2015-11-04 22:15:24 +01:00
script CVE-2015-5252: s3: smbd: Fix symlink verification (file access outside the share). 2015-12-16 12:56:48 +01:00
selftest s4:torture:vfs_fruit: remove unused tree2 2015-12-21 23:21:16 +01:00
services Convert all uint32/16/8 to _t in a couple of include files. 2015-05-12 04:22:55 +02:00
smbd s3:smbd: fix a corner case of the symlink verification 2015-12-24 00:57:31 +01:00
stf
torture s3:torture: add traverse testing to LOCAL-RBTREE 2015-11-27 13:16:59 +01:00
utils net: Fix Coverity ID 241039 Unchecked return value 2015-12-23 17:17:53 +01:00
web
winbindd Fix typo in winbindd_cm.c 2015-12-23 03:31:09 +01:00
.clang_complete lib: Remove tdb_compat 2015-03-17 11:30:52 +01:00
.dmallocrc
.indent.pro
change-log
Doxyfile
mainpage.dox
smbadduser.in
wscript clitar: cope with functions of older versions of libarchive 2015-12-03 16:09:08 +01:00
wscript_build lib: Separate out xx_path() & callers 2015-12-14 20:23:13 +01:00
wscript_configure_system_ncurses Transition to waf 1.8: wrapped conf.check_cfg 2015-03-16 03:00:07 +01:00