The Samba-Bugzilla – Attachment 11926 Details for
Bug 11799
use after free in smbd in durable reconnect
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Test git-am patch.
0001-s3-smbd-Fix-use-after-free-when-singleton-cache-is-l.patch (text/plain), 1.24 KB, created by
Jeremy Allison
on 2016-03-16 23:54:17 UTC
(
hide
)
Description:
Test git-am patch.
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2016-03-16 23:54:17 UTC
Size:
1.24 KB
patch
obsolete
>From 2642639d5e5a0c64722b9e6eb883daa6e46f433a Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Wed, 16 Mar 2016 16:52:56 -0700 >Subject: [PATCH] s3: smbd: Fix use-after free when singleton cache is left > invalid. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=11799 > >Signed-off-by: Jeremy Allison <jra@samba.org> >--- > source3/smbd/files.c | 10 +++++----- > 1 file changed, 5 insertions(+), 5 deletions(-) > >diff --git a/source3/smbd/files.c b/source3/smbd/files.c >index 8fefddd..1a7b48e 100644 >--- a/source3/smbd/files.c >+++ b/source3/smbd/files.c >@@ -500,6 +500,11 @@ void fsp_free(files_struct *fsp) > > fsp->conn->num_files_open--; > >+ /* Closing a file can invalidate the positive cache. */ >+ if (fsp == sconn->fsp_fi_cache.fsp) { >+ ZERO_STRUCT(sconn->fsp_fi_cache); >+ } >+ > /* this is paranoia, just in case someone tries to reuse the > information */ > ZERO_STRUCTP(fsp); >@@ -540,11 +545,6 @@ void file_free(struct smb_request *req, files_struct *fsp) > remove_smb2_chained_fsp(fsp); > } > >- /* Closing a file can invalidate the positive cache. */ >- if (fsp == sconn->fsp_fi_cache.fsp) { >- ZERO_STRUCT(sconn->fsp_fi_cache); >- } >- > /* Drop all remaining extensions. */ > vfs_remove_all_fsp_extensions(fsp); > >-- >2.7.0.rc3.207.g0ac5344 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
jra
:
review?
(
obnox
)
Actions:
View
Attachments on
bug 11799
: 11926