Bug 10208 - Bad sessionsetup reauthentication crashes smbd.
Bad sessionsetup reauthentication crashes smbd.
Status: RESOLVED FIXED
Product: Samba 4.0
Classification: Unclassified
Component: File services
unspecified
All All
: P5 normal
: ---
Assigned To: Jeremy Allison
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-10-15 18:14 UTC by Jeremy Allison
Modified: 2015-06-15 07:58 UTC (History)
1 user (show)

See Also:


Attachments
git-am fix for 4.1.x and 4.0.x. (8.76 KB, patch)
2013-10-21 18:08 UTC, Jeremy Allison
no flags Details
Additional git-am fix for master and 4.1.x (1.71 KB, patch)
2013-10-31 21:31 UTC, Jeremy Allison
no flags Details
v4-1-test patch (10.84 KB, patch)
2013-11-04 13:34 UTC, Andreas Schneider
asn: review? (jra)
asn: review? (ddiss)
Details
v4-0-test patch (8.97 KB, patch)
2013-11-04 13:36 UTC, Andreas Schneider
asn: review? (jra)
asn: review? (ddiss)
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Jeremy Allison 2013-10-15 18:14:34 UTC
Found by Codenomicon at the recent SNIA plugfest.

Resending an identical sessionsetup packet in an SMB3 session causes smbd to crash as it incorrectly tears down the session given a duplicate sessionid.

Patches to follow.

Jeremy.
Comment 1 Jeremy Allison 2013-10-21 18:08:45 UTC
Created attachment 9307 [details]
git-am fix for 4.1.x and 4.0.x.

I think we also need the follow-up patch which I'll also attach, but this is the fix that went into master (applies cleanly to 4.0.x and 4.1.x).

Jeremy.
Comment 2 Jeremy Allison 2013-10-31 21:23:13 UTC
Comment on attachment 9307 [details]
git-am fix for 4.1.x and 4.0.x.

Ping... Someone, anyone ?

:-).
Comment 3 Jeremy Allison 2013-10-31 21:31:10 UTC
Created attachment 9353 [details]
Additional git-am fix for master and 4.1.x

This is the additional fix I think we need.
Comment 4 Andreas Schneider 2013-11-04 08:49:47 UTC
I've fixed the git commit message and pushed it to master. I will add it here as soon as it is upstream. Then we can proceed.
Comment 5 Andreas Schneider 2013-11-04 13:34:43 UTC
Created attachment 9365 [details]
v4-1-test patch
Comment 6 Andreas Schneider 2013-11-04 13:36:00 UTC
Created attachment 9366 [details]
v4-0-test patch
Comment 7 Stefan Metzmacher 2015-06-15 07:58:08 UTC
This is fixes in 4.1, 4.2 and master in bug #11182