From 9dd0d8da766fad8d61badce6803daccb16b81be1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 12 Jan 2023 10:22:09 -0800 Subject: [PATCH 1/2] selftest: Show vfs_virusscanner crashes when traversing a 2-level directory tree. Modify check_infected_read() test to use a 2-level deep directory. We must have vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no set on the virusscanner share as otherwise the openat flag shortcut defeats the test. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15283 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke (cherry picked from commit c844bff3eca336547c6cedfeeb03adda4eed57c6) --- selftest/knownfail.d/virusscanner | 1 + selftest/target/Samba3.pm | 1 + source3/script/tests/test_virus_scanner.sh | 25 ++++++++++++++++------ 3 files changed, 20 insertions(+), 7 deletions(-) create mode 100644 selftest/knownfail.d/virusscanner diff --git a/selftest/knownfail.d/virusscanner b/selftest/knownfail.d/virusscanner new file mode 100644 index 00000000000..9bcaae7b4d1 --- /dev/null +++ b/selftest/knownfail.d/virusscanner @@ -0,0 +1 @@ +^samba3.blackbox.virus_scanner.check_infected_read\(fileserver:local\) diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 64374ab9bcd..e341adaa5c4 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -1940,6 +1940,7 @@ sub setup_fileserver virusfilter:infected files = *infected* virusfilter:infected file action = rename virusfilter:scan on close = yes + vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no [volumeserialnumber] path = $volume_serial_number_sharedir diff --git a/source3/script/tests/test_virus_scanner.sh b/source3/script/tests/test_virus_scanner.sh index 913c353028b..83b50df915f 100755 --- a/source3/script/tests/test_virus_scanner.sh +++ b/source3/script/tests/test_virus_scanner.sh @@ -26,25 +26,36 @@ check_infected_read() { rm -rf "${sharedir:?}"/* - if ! touch "${sharedir}/infected.txt"; then - echo "ERROR: Cannot create ${sharedir}/infected.txt" + if ! mkdir "${sharedir}/read1"; then + echo "ERROR: Cannot create ${sharedir}/read1" + return 1 + fi + + if ! mkdir "${sharedir}/read1/read2"; then + echo "ERROR: Cannot create ${sharedir}/read1/read2" return 1 fi - ${SMBCLIENT} "//${SERVER_IP}/${SHARE}" -U"${USER}"%"${PASSWORD}" -c "get infected.txt ${sharedir}/infected.download.txt" + if ! touch "${sharedir}/read1/read2/infected.txt"; then + echo "ERROR: Cannot create ${sharedir}/read1/read2/infected.txt" + return 1 + fi + + ${SMBCLIENT} "//${SERVER_IP}/${SHARE}" -U"${USER}"%"${PASSWORD}" -c "get read1/read2/infected.txt ${sharedir}/read1/read2/infected.download.txt" # check that virusfilter:rename prefix/suffix was added - if [ ! -f "${sharedir}/virusfilter.infected.txt.infected" ]; then - echo "ERROR: ${sharedir}/virusfilter.infected.txt.infected is missing." + if [ ! -f "${sharedir}/read1/read2/virusfilter.infected.txt.infected" ]; then + echo "ERROR: ${sharedir}/read1/read2/virusfilter.infected.txt.infected is missing." return 1 fi # check that file was not downloaded - if [ -f "${sharedir}/infected.download.txt" ]; then - echo "ERROR: {sharedir}/infected.download.txt should not exist." + if [ -f "${sharedir}/read1/read2/infected.download.txt" ]; then + echo "ERROR: {sharedir}/read1/read2/infected.download.txt should not exist." return 1 fi + rm -rf "${sharedir:?}"/* return 0 } -- 2.30.2 From 6abf55bccc161c2c55b47375c2176e3fce0b029a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 12 Jan 2023 11:20:08 -0800 Subject: [PATCH 2/2] s3: smbd: Tweak openat_pathref_dirfsp_nosymlink() to NULL out fsp->fsp_name after calling fd_close() on intermediate directories, rather than before. vfs_virusfilter expects a non-NULL fsp->fsp_name to use for printing debugs (it always indirects fsp->fsp_name). vfs_fruit also does the same, so would also crash in fruit_close() with 'debug level = 10' and vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no set (we don't test with that which is why we haven't noticed this before). Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15283 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Jan 13 08:33:47 UTC 2023 on sn-devel-184 (cherry picked from commit 3d3d01cda8d3a6d0d18d1b808aa9414e71d56062) --- selftest/knownfail.d/virusscanner | 1 - source3/smbd/files.c | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) delete mode 100644 selftest/knownfail.d/virusscanner diff --git a/selftest/knownfail.d/virusscanner b/selftest/knownfail.d/virusscanner deleted file mode 100644 index 9bcaae7b4d1..00000000000 --- a/selftest/knownfail.d/virusscanner +++ /dev/null @@ -1 +0,0 @@ -^samba3.blackbox.virus_scanner.check_infected_read\(fileserver:local\) diff --git a/source3/smbd/files.c b/source3/smbd/files.c index 9b0c902c0d4..3d62e97fc8a 100644 --- a/source3/smbd/files.c +++ b/source3/smbd/files.c @@ -1053,9 +1053,9 @@ next: } if (dirfsp != conn->cwd_fsp) { - dirfsp->fsp_name = NULL; SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1); fd_close(dirfsp); + dirfsp->fsp_name = NULL; file_free(NULL, dirfsp); dirfsp = NULL; } @@ -1117,9 +1117,9 @@ fail: } if ((dirfsp != NULL) && (dirfsp != conn->cwd_fsp)) { - dirfsp->fsp_name = NULL; SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1); fd_close(dirfsp); + dirfsp->fsp_name = NULL; file_free(NULL, dirfsp); dirfsp = NULL; } -- 2.30.2