The Samba-Bugzilla – Attachment 9035 Details for
Bug 10003
s3-lib:segmentation fault while reading incomplete session info
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch set for 4.0 cherry-picked from master
fixBug10003_4.0.patch (text/plain), 6.05 KB, created by
Björn Baumbach
on 2013-07-10 07:48:18 UTC
(
hide
)
Description:
patch set for 4.0 cherry-picked from master
Filename:
MIME Type:
Creator:
Björn Baumbach
Created:
2013-07-10 07:48:18 UTC
Size:
6.05 KB
patch
obsolete
>From 9ca12ede242415118ff0e5a969f059fa5785962a Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?Bj=C3=B6rn=20Baumbach?= <bb@sernet.de> >Date: Fri, 5 Jul 2013 13:19:59 +0200 >Subject: [PATCH 1/3] s3-lib: fix segf while reading incomplete session info > (bug #10003) >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Pair-programmed-with: Stefan Metzmacher <metze@samba.org> > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Signed-off-by: Björn Baumbach <bb@sernet.de> >Reviewed-by: Jeremy Allison <jra@samba.org> >(cherry picked from commit 53aa069b97070c73b782e2868b9b9686abe353cc) >--- > source3/lib/conn_tdb.c | 9 +++++++-- > source3/lib/sessionid_tdb.c | 15 ++++++++++----- > 2 files changed, 17 insertions(+), 7 deletions(-) > >diff --git a/source3/lib/conn_tdb.c b/source3/lib/conn_tdb.c >index a7e7cf0..bb7618f 100644 >--- a/source3/lib/conn_tdb.c >+++ b/source3/lib/conn_tdb.c >@@ -53,8 +53,13 @@ static int collect_sessions_fn(struct smbXsrv_session_global0 *global, > uint32_t id = global->session_global_id; > struct connections_forall_session sess; > >- sess.uid = global->auth_session_info->unix_token->uid; >- sess.gid = global->auth_session_info->unix_token->gid; >+ if (global->auth_session_info == NULL) { >+ sess.uid = -1; >+ sess.gid = -1; >+ } else { >+ sess.uid = global->auth_session_info->unix_token->uid; >+ sess.gid = global->auth_session_info->unix_token->gid; >+ } > strncpy(sess.machine, global->channels[0].remote_name, sizeof(sess.machine)); > strncpy(sess.addr, global->channels[0].remote_address, sizeof(sess.addr)); > >diff --git a/source3/lib/sessionid_tdb.c b/source3/lib/sessionid_tdb.c >index 045b3d2..7a19611 100644 >--- a/source3/lib/sessionid_tdb.c >+++ b/source3/lib/sessionid_tdb.c >@@ -38,16 +38,21 @@ static int sessionid_traverse_read_fn(struct smbXsrv_session_global0 *global, > (struct sessionid_traverse_read_state *)private_data; > struct auth_session_info *session_info = global->auth_session_info; > struct sessionid session = { >- .uid = session_info->unix_token->uid, >- .gid = session_info->unix_token->gid, >+ .uid = -1, >+ .gid = -1, > .id_num = global->session_global_id, > .connect_start = nt_time_to_unix(global->creation_time), > .pid = global->channels[0].server_id, > }; > >- strncpy(session.username, >- session_info->unix_info->unix_name, >- sizeof(fstring)-1); >+ if (session_info != NULL) { >+ session.uid = session_info->unix_token->uid; >+ session.gid = session_info->unix_token->gid; >+ strncpy(session.username, >+ session_info->unix_info->unix_name, >+ sizeof(fstring)-1); >+ } >+ > strncpy(session.remote_machine, > global->channels[0].remote_name, > sizeof(fstring)-1); >-- >1.8.1.5 > > >From 20f4c8a276ca9896983255247fffc7bed11b8f42 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Mon, 8 Jul 2013 16:31:13 +0200 >Subject: [PATCH 2/3] s3-lib: hide incomplete smbXsrv_tcon_global records >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Part of fix for bug #10003 > >Pair-programmed-with: Björn Baumbach <bb@sernet.de> > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Signed-off-by: Björn Baumbach <bb@sernet.de> >Reviewed-by: Jeremy Allison <jra@samba.org> >(cherry picked from commit c52e61f7ba215da28cbb7b8e328aea110ad79b11) >--- > source3/lib/conn_tdb.c | 13 +++++++++++++ > 1 file changed, 13 insertions(+) > >diff --git a/source3/lib/conn_tdb.c b/source3/lib/conn_tdb.c >index bb7618f..b218831 100644 >--- a/source3/lib/conn_tdb.c >+++ b/source3/lib/conn_tdb.c >@@ -91,6 +91,19 @@ static int traverse_tcon_fn(struct smbXsrv_tcon_global0 *global, > > TDB_DATA val = tdb_null; > >+ /* >+ * Note: that share_name is defined as array without a pointer. >+ * that's why it's always a valid pointer here. >+ */ >+ if (strlen(global->share_name) == 0) { >+ /* >+ * when a smbXsrv_tcon is created it's created >+ * with emtpy share_name first in order to allocate >+ * an id, before filling in the details. >+ */ >+ return 0; >+ } >+ > status = dbwrap_fetch(state->session_by_pid, state, > make_tdb_data((void*)&sess_id, sizeof(sess_id)), > &val); >-- >1.8.1.5 > > >From 3cbdf5dbcd97f8c94202b7c1b2bd9439074a94fd Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?Bj=C3=B6rn=20Baumbach?= <bb@sernet.de> >Date: Tue, 9 Jul 2013 12:32:34 +0200 >Subject: [PATCH 3/3] s3-smbstatus: display [u|g]id of -1 as "-1" in connection > list >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >In order to avoid displayed uid or gid of "4294967295" instead of "-1", we >need to fetch the special case -1. >The id can be -1 if we are reading e.g. incomplete session information. > >Signed-off-by: Björn Baumbach <bb@sernet.de> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Jeremy Allison <jra@samba.org> > >Autobuild-User(master): Jeremy Allison <jra@samba.org> >Autobuild-Date(master): Wed Jul 10 01:18:30 CEST 2013 on sn-devel-104 >(cherry picked from commit 577cef82c776759c9f3cad7d33057ac865c40769) >--- > source3/utils/status.c | 24 ++++++++++++++++++++---- > 1 file changed, 20 insertions(+), 4 deletions(-) > >diff --git a/source3/utils/status.c b/source3/utils/status.c >index 0cb46a5..4e823da 100644 >--- a/source3/utils/status.c >+++ b/source3/utils/status.c >@@ -277,13 +277,29 @@ static int traverse_sessionid(const char *key, struct sessionid *session, > > Ucrit_addPid(session->pid); > >- fstr_sprintf(uid_str, "%u", (unsigned int)session->uid); >- fstr_sprintf(gid_str, "%u", (unsigned int)session->gid); >+ fstrcpy(uid_str, "-1"); >+ >+ if (session->uid != -1) { >+ if (numeric_only) { >+ fstr_sprintf(uid_str, "%u", (unsigned int)session->uid); >+ } else { >+ fstrcpy(uid_str, uidtoname(session->uid)); >+ } >+ } >+ >+ fstrcpy(gid_str, "-1"); >+ >+ if (session->gid != -1) { >+ if (numeric_only) { >+ fstr_sprintf(gid_str, "%u", (unsigned int)session->gid); >+ } else { >+ fstrcpy(gid_str, gidtoname(session->gid)); >+ } >+ } > > d_printf("%-7s %-12s %-12s %-12s (%s)\n", > procid_str_static(&session->pid), >- numeric_only ? uid_str : uidtoname(session->uid), >- numeric_only ? gid_str : gidtoname(session->gid), >+ uid_str, gid_str, > session->remote_machine, session->hostname); > > return 0; >-- >1.8.1.5 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=9035">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
metze
:
review+
jra
:
review+
Actions:
View
Attachments on
bug 10003
: 9035 |
9036