The Samba-Bugzilla – Attachment 17908 Details for
Bug 2312
smbcacls and smbcquotas do not check // before the server
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
backported patch for stable branches
0001-smbcacls-smbcquotas-check-for-valid-UNC-path.patch (text/plain), 1.61 KB, created by
Björn Jacke
on 2023-06-06 14:06:49 UTC
(
hide
)
Description:
backported patch for stable branches
Filename:
MIME Type:
Creator:
Björn Jacke
Created:
2023-06-06 14:06:49 UTC
Size:
1.61 KB
patch
obsolete
>From fa57d017ed8ff46e4522858696f3eaf0c830c608 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?Bj=C3=B6rn=20Jacke?= <bj@sernet.de> >Date: Tue, 10 Jan 2023 12:25:35 +0100 >Subject: [PATCH] smbcacls/smbcquotas: check for valid UNC path > >we used to strip the first two characters of the path and used that. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=2312 > >Signed-off-by: Bjoern Jacke <bjacke@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> > >Autobuild-User(master): Stefan Metzmacher <metze@samba.org> >Autobuild-Date(master): Tue Jun 6 09:33:47 UTC 2023 on atb-devel-224 > >(cherry picked from commit fcedf5514b121914483bbc0ffe77580929093ac6) >--- > source3/utils/smbcacls.c | 5 +++++ > source3/utils/smbcquotas.c | 5 +++++ > 2 files changed, 10 insertions(+) > >diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c >index 71cd93b8bc7..6e6a5d932be 100644 >--- a/source3/utils/smbcacls.c >+++ b/source3/utils/smbcacls.c >@@ -1736,6 +1736,11 @@ int main(int argc, char *argv[]) > return -1; > } > >+ if (strncmp(path, "\\\\", 2) && strncmp(path, "//", 2)) { >+ printf("Invalid argument: %s\n", path); >+ return -1; >+ } >+ > if(!poptPeekArg(pc)) { > poptPrintUsage(pc, stderr, 0); > return -1; >diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c >index 748334a04a6..ce8ca2fafd0 100644 >--- a/source3/utils/smbcquotas.c >+++ b/source3/utils/smbcquotas.c >@@ -760,6 +760,11 @@ int main(int argc, char *argv[]) > exit(EXIT_PARSE_ERROR); > } > >+ if (strncmp(path, "\\\\", 2) && strncmp(path, "//", 2)) { >+ printf("Invalid argument: %s\n", path); >+ return -1; >+ } >+ > poptFreeContext(pc); > samba_cmdline_burn(argc, argv); > >-- >2.38.0 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=17908">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
metze
:
review+
Actions:
View
Attachments on
bug 2312
:
947
|
949
| 17908