The torture test base.createx_access, in autobuild currently not run against smbd but only against s4 ntvfs, indicates what we're missing a check for invalid bits in the access_mask from the client. Patch to follow...
(In reply to Ralph Böhme from comment #0) This comment is not quite correct, as the test is run against and fails the ad_dc env which of course uses smbd, not s4 ntvfs....
(In reply to Ralph Böhme from comment #1) Sorry, it has been a long day, but this was again...wrong. :/ Let's try to say it differently: smbd was missing a check present in s4 ntvfs. The existing test was only run against s4 ntvfs so the missing check in smbd went unnoticed. The patchset adds the check to smbd and runs the existing test against ad_dc as well.
Created attachment 12943 [details] Patch for 4.4, 4.5 and 4.6 cherry-picked from master
Comment on attachment 12943 [details] Patch for 4.4, 4.5 and 4.6 cherry-picked from master LGTM.
Re-assigning to Karolin for inclusion in 4.6.next, 4.5.next, 4.4.next.
(In reply to Jeremy Allison from comment #5) Pushed to autobuild-v4-{6,5,4}-test.
(In reply to Karolin Seeger from comment #6) Pushed to all branches. Closing out bug report. Thanks!