The Samba-Bugzilla – Attachment 7412 Details for
Bug 8811
sd_has_inheritable_components segfaults on an SD that se_access_check accepts
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am fix for 3.6.next
0001-Complete-fix-for-bug-8811-sd_has_inheritable_compone.patch (text/plain), 3.43 KB, created by
Jeremy Allison
on 2012-03-30 19:01:30 UTC
(
hide
)
Description:
git-am fix for 3.6.next
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2012-03-30 19:01:30 UTC
Size:
3.43 KB
patch
obsolete
>From 95b351dfaa2065ff2d15954c3d24ea56558d0e7d Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Fri, 30 Mar 2012 11:58:31 -0700 >Subject: [PATCH] Complete fix for bug #8811 - sd_has_inheritable_components > segfaults on an SD that se_access_check accepts. > >--- > source3/lib/secdesc.c | 4 ++++ > source3/modules/vfs_acl_common.c | 25 ++++++++++++++++++++----- > source3/smbd/file_access.c | 5 ++++- > 3 files changed, 28 insertions(+), 6 deletions(-) > >diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c >index 001eccb..007e097 100644 >--- a/source3/lib/secdesc.c >+++ b/source3/lib/secdesc.c >@@ -534,6 +534,10 @@ bool sd_has_inheritable_components(const struct security_descriptor *parent_ctr, > unsigned int i; > const struct security_acl *the_acl = parent_ctr->dacl; > >+ if (the_acl == NULL) { >+ return false; >+ } >+ > for (i = 0; i < the_acl->num_aces; i++) { > const struct security_ace *ace = &the_acl->aces[i]; > >diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c >index 016bb9f..fe4c822 100644 >--- a/source3/modules/vfs_acl_common.c >+++ b/source3/modules/vfs_acl_common.c >@@ -166,7 +166,7 @@ static NTSTATUS create_acl_blob(const struct security_descriptor *psd, > CREATOR_OWNER/CREATOR_GROUP/WORLD. > *******************************************************************/ > >-static void add_directory_inheritable_components(vfs_handle_struct *handle, >+static NTSTATUS add_directory_inheritable_components(vfs_handle_struct *handle, > const char *name, > SMB_STRUCT_STAT *psbuf, > struct security_descriptor *psd) >@@ -184,7 +184,7 @@ static void add_directory_inheritable_components(vfs_handle_struct *handle, > num_aces + 3); > > if (new_ace_list == NULL) { >- return; >+ return NT_STATUS_NO_MEMORY; > } > > /* Fake a quick smb_filename. */ >@@ -236,8 +236,19 @@ static void add_directory_inheritable_components(vfs_handle_struct *handle, > SEC_ACE_FLAG_CONTAINER_INHERIT| > SEC_ACE_FLAG_OBJECT_INHERIT| > SEC_ACE_FLAG_INHERIT_ONLY); >- psd->dacl->aces = new_ace_list; >- psd->dacl->num_aces += 3; >+ if (psd->dacl) { >+ psd->dacl->aces = new_ace_list; >+ psd->dacl->num_aces += 3; >+ } else { >+ psd->dacl = make_sec_acl(talloc_tos(), >+ NT4_ACL_REVISION, >+ 3, >+ new_ace_list); >+ if (psd->dacl == NULL) { >+ return NT_STATUS_NO_MEMORY; >+ } >+ } >+ return NT_STATUS_OK; > } > > /******************************************************************* >@@ -393,10 +404,14 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle, > if (is_directory && > !sd_has_inheritable_components(psd, > true)) { >- add_directory_inheritable_components(handle, >+ status = add_directory_inheritable_components( >+ handle, > name, > psbuf, > psd); >+ if (!NT_STATUS_IS_OK(status)) { >+ return status; >+ } > } > /* The underlying POSIX module always sets > the ~SEC_DESC_DACL_PROTECTED bit, as ACLs >diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c >index 9f95d68..bd65a70 100644 >--- a/source3/smbd/file_access.c >+++ b/source3/smbd/file_access.c >@@ -261,7 +261,10 @@ bool directory_has_default_acl(connection_struct *conn, const char *fname) > NTSTATUS status = SMB_VFS_GET_NT_ACL(conn, fname, > SECINFO_DACL, &secdesc); > >- if (!NT_STATUS_IS_OK(status) || secdesc == NULL) { >+ if (!NT_STATUS_IS_OK(status) || >+ secdesc == NULL || >+ secdesc->dacl == NULL) { >+ TALLOC_FREE(secdesc); > return false; > } > >-- >1.7.7.3 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
jra
:
review?
(
rsharpe
)
Actions:
View
Attachments on
bug 8811
:
7385
|
7397
| 7412