Bug 3128 - realpath . fails if libsafe is installed
Summary: realpath . fails if libsafe is installed
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services (show other bugs)
Version: 3.0.20a
Hardware: x86 Linux
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
Depends on:
Reported: 2005-10-02 22:59 UTC by Alexander Murashkin
Modified: 2005-10-13 09:08 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Murashkin 2005-10-02 22:59:33 UTC
Fedora Core 4
libsafe-2.0-17c (Fedora Extras)

libsafe is supposed to protect against  buffer overflow in process stacks. It is
possible that realpath implementation in Samba has buffer overflow problem.

Samba prints the following error messages if libsafe is installed

[2005/10/03 01:00:11, 5] smbd/filename.c:unix_convert(108)
  unix_convert called on file ""
[2005/10/03 01:00:11, 5] smbd/filename.c:unix_convert(137)
  conversion finished "" -> .
[2005/10/03 01:00:11, 3] smbd/vfs.c:reduce_name(919)
  reduce_name [.] [/udd/mur]
[2005/10/03 01:00:11, 1] smbd/vfs.c:reduce_name(981)
  reduce_name: couldn't get realpath for .
[2005/10/03 01:00:11, 5] smbd/filename.c:check_name(418)
  check_name on . failed
[2005/10/03 01:00:11, 3] smbd/error.c:unix_error_packet(91)
  unix_error_packet: error string = Invalid argument
[2005/10/03 01:00:11, 3] smbd/error.c:error_packet(147)
  error packet at smbd/reply.c(800) cmd=16 (SMBchkpth) NT_STATUS_INVALID_HANDLE

When libsafe is removed everuthing is fine.
Comment 1 Jeremy Allison 2005-10-03 18:13:05 UTC
Can you test what you are doing under valgrind, as well as libsafe. If there
really is a problem with realpath then valgrind will show this faster than
libsafe I think.
Comment 2 Gerald (Jerry) Carter (dead mail address) 2005-10-13 09:08:02 UTC
realpath() is from libc.  That would be their bug and not ours.