Bug 5185 - smbc_setxattr corrupts smbc_context when setting time attributes
Status: RESOLVED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: libsmbclient
Version: 3.0.28
Hardware: Other Other
Importance: P3 major
Assigned To: Derrell Lipman
Reported: 2008-01-10 04:38 UTC by Henrik
Modified: 2008-01-17 15:46 UTC

Attachments
Consecutive uses of getxattr and/or setxattr fails. (2.50 KB, application/octet-stream)
2008-01-17 09:00 UTC, Henrik
Description Henrik 2008-01-10 04:38:01 UTC
We are using samba 3.0.28 and we noticed some weird bugs with the smbc_setxattr function.

Worth mentioning is that on our contexts we use: smbc_option_set( pSmbContext, "full_time_names", 1 );

It looks like setting time values somehow corrupts the context, so that we can't set ACL using names. Somehow it works if we set ACL using SIDs.
This has been tried on several paths, many times, many files/directories after each other, same result every time.

In the following example we first set CREATE_TIME and WRITE_TIME of a directory, then try to set the ACL using Names, which fails. Then we get a new context and try again, which works.

setxattr smb://10.168.1.133/C$/Test/Test/dir_a
       system.dos_attr.*
       CREATE_TIME:1199807690,WRITE_TIME:1199807823
       nReturnValue: 0, errno: 0

setxattr smb://10.168.1.133/C$/Test/Test/dir_a
       system.nt_sec_desc.*+
       REVISION:1,OWNER:BBI-DEV\Admin,GROUP:BBI-DEV\Ingen,ACL:BBI-DEV\Admin:0/3/0x001f01ff,ACL:BBI-DEV\Lena:0/3/0x001f01ff,ACL:NT Authority\SYSTEM:0/3/0x001f01ff
       nReturnValue: -1, errno: 22

Here it failed, so the program gets a new context and tries again with the exact same call to setxattr:

setxattr smb://10.168.1.133/C$/Test/Test/dir_a
       system.nt_sec_desc.*+
       REVISION:1,OWNER:BBI-DEV\Admin,GROUP:BBI-DEV\Ingen,ACL:BBI-DEV\Admin:0/3/0x001f01ff,ACL:BBI-DEV\Lena:0/3/0x001f01ff,ACL:NT Authority\SYSTEM:0/3/0x001f01ff
       nReturnValue: 0, errno: 0

Success as we use a new clean context.

-----------------------------------------------------------------------------------------------------------------------------

In the following example we first set CREATE_TIME and WRITE_TIME of a directory, then try to set the ACL using SIDs, which works!

setxattr smb://10.168.1.133/C$/Test/Test/dir_a
       system.dos_attr.*
       CREATE_TIME:1199807690,WRITE_TIME:1199807823
       nReturnValue: 0, errno: 0

setxattr smb://10.168.1.133/C$/Test/Test/dir_a
       system.nt_sec_desc.*
       REVISION:1,OWNER:S-1-5-21-1454471165-1214440339-839522115-1005,GROUP:S-1-5-21-1454471165-1214440339-839522115-513,ACL:S-1-5-21-1454471165-1214440339-839522115-1005:0/3/0x001f01ff,ACL:S-1-5-21-1454471165-1214440339-839522115-1004:0/3/0x001f01ff,ACL:S-1-5-18:0/3/0x001f01ff
       nReturnValue: 0, errno: 0


If we DO NOT set CREATE_TIME and WRITE_TIME and ONLY set ACLs, then it works every time with both ACL Names and ACL SIDs.
Comment 1 Derrell Lipman 2008-01-15 20:29:04 UTC
I don't see anything in the latest code (3.2) that should cause any corruption of the context when setting the times.  Please test with the current code from git branch v3-2-test or v3-2-stable.  If you still have the problem, if you could provide a small C test program that demonstrates the problem, this should be fairly easy to track down.

Derrell
Comment 2 Henrik 2008-01-17 08:14:27 UTC
I've made a simpler program to test with which I'll attach to this bug report.

It seems that it's only the name resolving that makes something strange. If I try getxattr on the same file several times in a row (using system.nt_sec_desc.*+) to retrieve ACL names, I get names the first time, and SIDs the following times, unless I get a new context each time which will then give me names each time.

I've also noticed a few strange things in libsmbclient.h:

smbc_getxattr value parameter is "const void*", isn't that kind of counterintuitive? It's a pointer to the buffer that will contain the retrieved data. Looks like you remove the constness in smbc_getxattr_ctx in libsmbclient.c.

smbc_getxattr mentions in its comments that it returns 0 on success - wrong. It seems to me that it returns the size of the retrieved data when it's successful.
Comment 3 Derrell Lipman 2008-01-17 08:49:52 UTC
Ok.  I don't have your test program yet but I have reproduced the problem based on your latest report.  I'm working on it.

Derrell
Comment 4 Henrik 2008-01-17 09:00:40 UTC
Created attachment 3107
Consecutive uses of getxattr and/or setxattr fails.
Comment 5 Henrik 2008-01-17 09:06:52 UTC
I accidentally submitted my previous post (Comment #2) a bit too early. I see you've already managed to reproduce the bug :-), but now the test program is attached.

Both setxattr and getxattr seem to have similar problems when using names instead of SIDs.

Last tried with samba version: 3.2.0pre2-GIT-dea64a0-test.
Comment 6 Derrell Lipman 2008-01-17 10:52:22 UTC
Fixed in v3-2-test.
Comment 7 Henrik 2008-01-17 15:46:34 UTC
Fixed confirmed!

Good job Derrell!