The Samba-Bugzilla – Attachment 13109 Details for
Bug 12721
CVE-2017-2619 regression with "follow symlinks = no"
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am fix for master.
0001-s3-smbd-Fix-incorrect-logic-exposed-by-fix-for-the-s.patch (text/plain), 1.16 KB, created by
Jeremy Allison
on 2017-03-27 17:53:11 UTC
(
hide
)
Description:
git-am fix for master.
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2017-03-27 17:53:11 UTC
Size:
1.16 KB
patch
obsolete
>From 067596477a1efb2ea1e063384c50f907b0570fb5 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Mon, 27 Mar 2017 10:46:47 -0700 >Subject: [PATCH] s3: smbd: Fix incorrect logic exposed by fix for the security > bug 12496 (CVE-2017-2619). > >In a UNIX filesystem, the names "." and ".." by definition can *never* >be symlinks - they are already reserved names. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12721 > >Signed-off-by: Jeremy Allison <jra@samba.org> >--- > source3/smbd/vfs.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > >diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c >index 35f560b8676..5133fe5c2fd 100644 >--- a/source3/smbd/vfs.c >+++ b/source3/smbd/vfs.c >@@ -1307,8 +1307,11 @@ NTSTATUS check_reduced_name(connection_struct *conn, const char *fname) > /* fname can't have changed in resolved_path. */ > const char *p = &resolved_name[rootdir_len]; > >- /* *p can be '\0' if fname was "." */ >- if (*p == '\0' && ISDOT(fname)) { >+ /* >+ * UNIX filesystem semantics, names consisting >+ * only of "." or ".." CANNOT be symlinks. >+ */ >+ if (ISDOT(fname) || ISDOTDOT(fname)) { > goto out; > } > >-- >2.12.1.578.ge9c3154ca4-goog >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 12721
:
13109
|
13110
|
13111
|
13112
|
13117
|
13118
|
13121
|
13128
|
13130