The Samba-Bugzilla – Attachment 7244 Details for
Bug 8710
connections.tdb - major leak with SMB2
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am patch for 3.6.x.
0001-Fix-bug-8710-connections.tdb-major-leak-with-SMB2.patch (text/plain), 7.55 KB, created by
Jeremy Allison
on 2012-01-18 22:38:40 UTC
(
hide
)
Description:
git-am patch for 3.6.x.
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2012-01-18 22:38:40 UTC
Size:
7.55 KB
patch
obsolete
>From 210365315a7f7c0fbaa7f844be7b29bb1932b990 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Wed, 18 Jan 2012 12:38:14 -0800 >Subject: [PATCH] Fix bug 8710 - connections.tdb - major leak with SMB2. > >Ensure the cnum used to claim the connection for SMB2 is the >id that will be used for the SMB2 tcon. Based on code from >Ira Cooper <ira@wakeful.net>. > >Autobuild-User: Jeremy Allison <jra@samba.org> >Autobuild-Date: Wed Jan 18 23:14:32 CET 2012 on sn-devel-104 >(cherry picked from commit 39c627b60754bd89c419b2d7e32d32c7a9af5a11) >--- > source3/smbd/proto.h | 6 ++- > source3/smbd/service.c | 88 +++++++++++++++++++++++++++++++++++++--------- > source3/smbd/smb2_tcon.c | 6 ++-- > 3 files changed, 78 insertions(+), 22 deletions(-) > >diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h >index 02b5e40..aadad4b 100644 >--- a/source3/smbd/proto.h >+++ b/source3/smbd/proto.h >@@ -981,8 +981,10 @@ bool set_current_service(connection_struct *conn, uint16 flags, bool do_chdir); > void load_registry_shares(void); > int add_home_service(const char *service, const char *username, const char *homedir); > int find_service(TALLOC_CTX *ctx, const char *service, char **p_service_out); >-connection_struct *make_connection_snum(struct smbd_server_connection *sconn, >- int snum, user_struct *vuser, >+struct smbd_smb2_tcon; >+connection_struct *make_connection_smb2(struct smbd_server_connection *sconn, >+ struct smbd_smb2_tcon *tcon, >+ user_struct *vuser, > DATA_BLOB password, > const char *pdev, > NTSTATUS *pstatus); >diff --git a/source3/smbd/service.c b/source3/smbd/service.c >index d88c02c..34b24f3 100644 >--- a/source3/smbd/service.c >+++ b/source3/smbd/service.c >@@ -736,13 +736,13 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum) > connecting user if appropriate. > ****************************************************************************/ > >-connection_struct *make_connection_snum(struct smbd_server_connection *sconn, >+static connection_struct *make_connection_snum(struct smbd_server_connection *sconn, >+ connection_struct *conn, > int snum, user_struct *vuser, > DATA_BLOB password, > const char *pdev, > NTSTATUS *pstatus) > { >- connection_struct *conn = NULL; > struct smb_filename *smb_fname_cpath = NULL; > fstring dev; > int ret; >@@ -759,13 +759,6 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, > goto err_root_exit; > } > >- conn = conn_new(sconn); >- if (!conn) { >- DEBUG(0,("Couldn't find free connection.\n")); >- *pstatus = NT_STATUS_INSUFFICIENT_RESOURCES; >- goto err_root_exit; >- } >- > conn->params->service = snum; > > status = create_connection_session_info(sconn, >@@ -815,7 +808,6 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, > > status = set_conn_force_user_group(conn, snum); > if (!NT_STATUS_IS_OK(status)) { >- conn_free(conn); > *pstatus = status; > return NULL; > } >@@ -1112,14 +1104,76 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, > if (claimed_connection) { > yield_connection(conn, lp_servicename(snum)); > } >- if (conn) { >+ return NULL; >+} >+ >+/**************************************************************************** >+ Make a connection to a service from SMB1. Internal interface. >+****************************************************************************/ >+ >+static connection_struct *make_connection_smb1(struct smbd_server_connection *sconn, >+ int snum, user_struct *vuser, >+ DATA_BLOB password, >+ const char *pdev, >+ NTSTATUS *pstatus) >+{ >+ connection_struct *ret_conn = NULL; >+ connection_struct *conn = conn_new(sconn); >+ if (!conn) { >+ DEBUG(0,("make_connection_smb1: Couldn't find free connection.\n")); >+ *pstatus = NT_STATUS_INSUFFICIENT_RESOURCES; >+ return NULL; >+ } >+ ret_conn = make_connection_snum(sconn, >+ conn, >+ snum, >+ vuser, >+ password, >+ pdev, >+ pstatus); >+ if (ret_conn != conn) { > conn_free(conn); >+ return NULL; > } >- return NULL; >+ return conn; >+} >+ >+/**************************************************************************** >+ Make a connection to a service from SMB2. External SMB2 interface. >+ We must set cnum before claiming connection. >+****************************************************************************/ >+ >+connection_struct *make_connection_smb2(struct smbd_server_connection *sconn, >+ struct smbd_smb2_tcon *tcon, >+ user_struct *vuser, >+ DATA_BLOB password, >+ const char *pdev, >+ NTSTATUS *pstatus) >+{ >+ connection_struct *ret_conn = NULL; >+ connection_struct *conn = conn_new(sconn); >+ if (!conn) { >+ DEBUG(0,("make_connection_smb2: Couldn't find free connection.\n")); >+ *pstatus = NT_STATUS_INSUFFICIENT_RESOURCES; >+ return NULL; >+ } >+ conn->cnum = tcon->tid; >+ ret_conn = make_connection_snum(sconn, >+ conn, >+ tcon->snum, >+ vuser, >+ password, >+ pdev, >+ pstatus); >+ if (ret_conn != conn) { >+ conn_free(conn); >+ return NULL; >+ } >+ return conn; > } > > /**************************************************************************** >- Make a connection to a service. >+ Make a connection to a service. External SMB1 interface. > * > * @param service > ****************************************************************************/ >@@ -1182,7 +1236,7 @@ connection_struct *make_connection(struct smbd_server_connection *sconn, > } > DEBUG(5, ("making a connection to [homes] service " > "created at session setup time\n")); >- return make_connection_snum(sconn, >+ return make_connection_smb1(sconn, > vuser->homes_snum, > vuser, no_pw, > dev, status); >@@ -1206,7 +1260,7 @@ connection_struct *make_connection(struct smbd_server_connection *sconn, > DEBUG(5, ("making a connection to 'homes' " > "service %s based on " > "security=share\n", service_in)); >- return make_connection_snum(sconn, >+ return make_connection_smb1(sconn, > snum, NULL, > password, > dev, status); >@@ -1218,7 +1272,7 @@ connection_struct *make_connection(struct smbd_server_connection *sconn, > DATA_BLOB no_pw = data_blob_null; > DEBUG(5, ("making a connection to 'homes' service [%s] " > "created at session setup time\n", service_in)); >- return make_connection_snum(sconn, >+ return make_connection_smb1(sconn, > vuser->homes_snum, > vuser, no_pw, > dev, status); >@@ -1266,7 +1320,7 @@ connection_struct *make_connection(struct smbd_server_connection *sconn, > > DEBUG(5, ("making a connection to 'normal' service %s\n", service)); > >- return make_connection_snum(sconn, snum, vuser, >+ return make_connection_smb1(sconn, snum, vuser, > password, > dev, status); > } >diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c >index f1f03e8..5ca303e 100644 >--- a/source3/smbd/smb2_tcon.c >+++ b/source3/smbd/smb2_tcon.c >@@ -228,8 +228,9 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req, > tcon->session->sconn->num_tcons_open++; > talloc_set_destructor(tcon, smbd_smb2_tcon_destructor); > >- compat_conn = make_connection_snum(req->sconn, >- snum, req->session->compat_vuser, >+ compat_conn = make_connection_smb2(req->sconn, >+ tcon, >+ req->session->compat_vuser, > data_blob_null, "???", > &status); > if (compat_conn == NULL) { >@@ -237,7 +238,6 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req, > return status; > } > tcon->compat_conn = talloc_move(tcon, &compat_conn); >- tcon->compat_conn->cnum = tcon->tid; > > if (IS_PRINT(tcon->compat_conn)) { > *out_share_type = SMB2_SHARE_TYPE_PRINT; >-- >1.7.7.3 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
metze
:
review+
Actions:
View
Attachments on
bug 8710
: 7244