The Samba-Bugzilla – Attachment 17850 Details for
Bug 15306
Floating point exception (FPE) via cli_pull_send at source3/libsmb/clireadwrite.c
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am fix for 4.18.next
bug-15306-4.18 (text/plain), 6.68 KB, created by
Jeremy Allison
on 2023-03-29 22:45:27 UTC
(
hide
)
Description:
git-am fix for 4.18.next
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2023-03-29 22:45:27 UTC
Size:
6.68 KB
patch
obsolete
>From f73b4af2f0fdf51c9b868e1fe41d95e8abbac886 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Tue, 21 Mar 2023 10:31:36 -0700 >Subject: [PATCH 1/2] tests: Add samba3.blackbox.zero_readsize test. > >smbclient crashes when smbd has "smb2 max read = 0" >in the [global] section of smb.conf. > >We should fail the protocol negotiation with >NT_STATUS_INVALID_NETWORK_RESPONSE in this case. > >Adds knownfail. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=15306 > >Signed-off-by: Jeremy Allison <jra@samba.org> >Reviewed-by: Ralph Boehme <slow@samba.org> >(cherry picked from commit 006fe806782c42e860ed2cf2bc9f6b1b82c3a307) >--- > selftest/knownfail.d/smb2_zero_readsize | 1 + > source3/script/tests/test_zero_readsize.sh | 101 +++++++++++++++++++++ > source3/selftest/tests.py | 12 +++ > 3 files changed, 114 insertions(+) > create mode 100644 selftest/knownfail.d/smb2_zero_readsize > create mode 100755 source3/script/tests/test_zero_readsize.sh > >diff --git a/selftest/knownfail.d/smb2_zero_readsize b/selftest/knownfail.d/smb2_zero_readsize >new file mode 100644 >index 00000000000..c7ec92cd629 >--- /dev/null >+++ b/selftest/knownfail.d/smb2_zero_readsize >@@ -0,0 +1 @@ >+^samba3.blackbox.zero_readsize.smb2_zero_readsize\(simpleserver:local\) >diff --git a/source3/script/tests/test_zero_readsize.sh b/source3/script/tests/test_zero_readsize.sh >new file mode 100755 >index 00000000000..f859599ba89 >--- /dev/null >+++ b/source3/script/tests/test_zero_readsize.sh >@@ -0,0 +1,101 @@ >+#!/usr/bin/env bash >+# >+# Test setting smb2 max read = 0. >+# >+# BUG: https://bugzilla.samba.org/show_bug.cgi?id=15306 >+# >+ >+if [ $# -lt 6 ]; then >+ cat <<EOF >+Usage: $0 SERVERCONFFILE SMBCLIENT SMBCONTROL SERVER SHARE PREFIX >+EOF >+ exit 1 >+fi >+ >+CONF=${1} >+shift 1 >+SMBCLIENT=${1} >+shift 1 >+SMBCONTROL=${1} >+shift 1 >+SERVER=${1} >+shift 1 >+SHARE=${1} >+shift 1 >+PREFIX=${1} >+shift 1 >+ >+SMBCLIENT="$VALGRIND ${SMBCLIENT}" >+ADDARGS="$@" >+ >+incdir=$(dirname "$0")/../../../testprogs/blackbox >+. "$incdir"/subunit.sh >+ >+failed=0 >+ >+# >+# Setup function >+# >+do_setup() >+{ >+ rm -f "${PREFIX}/zero_read_testfile" >+ rm -f "${PREFIX}/zero_read_testfile_get" >+ dd if=/dev/zero of="${PREFIX}/zero_read_testfile" bs=1024 count=1 >+ global_inject_conf="$(dirname "${SERVERCONFFILE}")/global_inject.conf" >+ echo "smb2 max read = 0" >"$global_inject_conf" >+ ${SMBCONTROL} ${CONF} smbd reload-config >+} >+ >+do_cleanup() >+{ >+ rm -f "${PREFIX}/zero_read_testfile" >+ rm -f "${PREFIX}/zero_read_testfile_get" >+ global_inject_conf="$(dirname "${SERVERCONFFILE}")/global_inject.conf" >+ rm "$global_inject_conf" >+ ${SMBCONTROL} ${CONF} smbd reload-config >+} >+ >+test_smb2_zero_readsize() >+{ >+ local tmpfile="$PREFIX/smbclient.in.$$" >+ >+ cat >"$tmpfile" <<EOF >+lcd $PREFIX >+put zero_read_testfile zero_read_testfile_put >+get zero_read_testfile_put zero_read_testfile_get >+del zero_read_testfile_put >+quit >+EOF >+ >+ local cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT //$SERVER/$SHARE -U$USERNAME%$PASSWORD $ADDARGS < $tmpfile 2>&1' >+ eval echo "$cmd" >+ out=$(eval "$cmd") >+ ret=$? >+ >+ # Check for smbclient error. >+ # We should have failed the protocol negotiation, returning 1. >+ if [ $ret != 1 ]; then >+ echo "smbclient protocol negotiation succeeded (should have failed) zero read testfile $ret" >+ echo "$out" >+ return 1 >+ fi >+ >+ # We should get NT_STATUS_INVALID_NETWORK_RESPONSE >+ echo "$out" | grep NT_STATUS_INVALID_NETWORK_RESPONSE >+ ret=$? >+ if [ $ret -ne 0 ]; then >+ echo "Should get NT_STATUS_INVALID_NETWORK_RESPONSE" >+ echo "$out" >+ return 1 >+ fi >+ rm "$tmpfile" >+ return 0 >+} >+ >+do_setup >+ >+testit "smb2_zero_readsize" test_smb2_zero_readsize || failed=$((failed + 1)) >+ >+do_cleanup >+ >+testok "$0" "$failed" >diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py >index eab160908ea..fc3227be9b5 100755 >--- a/source3/selftest/tests.py >+++ b/source3/selftest/tests.py >@@ -1410,6 +1410,18 @@ plantestsuite("samba3.blackbox.chdir-cache", "simpleserver:local", > '$PREFIX', > 'simpleserver']) > >+plantestsuite("samba3.blackbox.zero_readsize", >+ "simpleserver:local", >+ [os.path.join(samba3srcdir, >+ "script/tests/test_zero_readsize.sh"), >+ configuration, >+ os.path.join(bindir(), "smbclient"), >+ os.path.join(bindir(), "smbcontrol"), >+ '$SERVER_IP', >+ "tmp", >+ "$PREFIX", >+ "-mSMB2"]) >+ > plantestsuite("samba3.blackbox.netfileenum", "simpleserver:local", > [os.path.join(samba3srcdir, > "script/tests/test_netfileenum.sh"), >-- >2.34.1 > > >From f2b7ef527e75f8d1a8fd309d0caae1cfcfd61908 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Tue, 21 Mar 2023 10:34:46 -0700 >Subject: [PATCH 2/2] s3: libcli: Refuse to connect to any server with zero > values for max_trans_size, max_read_size, max_write_size. >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >There's nothing we can do to such a server (this >now matches the behavior for SMB1). > >Remove knownfail. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=15306 > >Signed-off-by: Jeremy Allison <jra@samba.org> >Reviewed-by: Ralph Boehme <slow@samba.org> > >Autobuild-User(master): Ralph Böhme <slow@samba.org> >Autobuild-Date(master): Wed Mar 29 18:58:33 UTC 2023 on atb-devel-224 > >(cherry picked from commit 76573d6d8f168d6e6107af26a434b8c71aaf93af) >--- > libcli/smb/smbXcli_base.c | 11 +++++++++++ > selftest/knownfail.d/smb2_zero_readsize | 1 - > 2 files changed, 11 insertions(+), 1 deletion(-) > delete mode 100644 selftest/knownfail.d/smb2_zero_readsize > >diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c >index aaf2d405a94..a2a551d0f79 100644 >--- a/libcli/smb/smbXcli_base.c >+++ b/libcli/smb/smbXcli_base.c >@@ -5128,6 +5128,17 @@ static void smbXcli_negprot_smb2_done(struct tevent_req *subreq) > conn->smb2.server.system_time = BVAL(body, 40); > conn->smb2.server.start_time = BVAL(body, 48); > >+ if (conn->smb2.server.max_trans_size == 0 || >+ conn->smb2.server.max_read_size == 0 || >+ conn->smb2.server.max_write_size == 0) { >+ /* >+ * We can't connect to servers we can't >+ * do any operations on. >+ */ >+ tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE); >+ return; >+ } >+ > security_offset = SVAL(body, 56); > security_length = SVAL(body, 58); > >diff --git a/selftest/knownfail.d/smb2_zero_readsize b/selftest/knownfail.d/smb2_zero_readsize >deleted file mode 100644 >index c7ec92cd629..00000000000 >--- a/selftest/knownfail.d/smb2_zero_readsize >+++ /dev/null >@@ -1 +0,0 @@ >-^samba3.blackbox.zero_readsize.smb2_zero_readsize\(simpleserver:local\) >-- >2.34.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
slow
:
review+
Actions:
View
Attachments on
bug 15306
:
17823
|
17824
|
17825
|
17836
|
17837
|
17838
| 17850 |
17851