Bug 222 - smbclient falls into infinite loop on empty dir names
smbclient falls into infinite loop on empty dir names
Status: CLOSED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: smbclient
3.0.0preX
All Linux
: P2 minor
: none
Assigned To: Gerald (Jerry) Carter
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2003-07-14 04:48 UTC by Marcin Owsiany
Modified: 2005-08-24 10:25 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcin Owsiany 2003-07-14 04:48:40 UTC
In certain situations the samba server returns an empty ('')
directory name (an example of such situation at the end of the report).
This causes smbclient to fall into an infinite loop when invoked as:

smbclient -N '//some/where' -c 'recurse;ls'

It is so because "cd ''" causes it to stay in current directory.
It would be nice if smbclient would print a warning and not enter the empty
directory.

I am aware that this is not a protection against a rouge server, which could
just provide an infinite amount of bogus directory data. However the proposed
behavior would help diagnose misconfigured servers.

An example of such misconfiguration is that when there are filenames with
non-utf8, non-ascii characters and "unix charset" not set. When such (non-valid
utf8)
character is the first character of a directory name, samba server truncates the
name before the first character, resulting in an empty filename.

Proposed patch:

--- client.c.orig       2003-07-14 13:37:52.000000000 +0200
+++ client.c    2003-07-14 13:47:33.000000000 +0200
@@ -481,6 +481,11 @@
                        pstring mask2;
                        char *p;
                                                                                  
+                       if (*f->name == '\0') {
+                               d_printf("Empty dir name returned. Possible
server misconfiguration.\n");
+                               return;
+                       }
+
                        pstrcpy(mask2, mask);
                        p = strrchr_m(mask2,'\\');
                        if (!p) return;
Comment 1 Tim Potter 2003-07-16 21:18:52 UTC
Checked in.  Thanks!

I made the if statment a bit shorter though.
Comment 2 Gerald (Jerry) Carter 2005-02-07 08:40:35 UTC
originally reported against 3.0.0beta2.  CLeaning out 
non-production release versions.
Comment 3 Gerald (Jerry) Carter 2005-08-24 10:25:51 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.