[SCM] Samba Shared Repository - branch master updated

Fri, 13 Jan 2023 00:34:21 -0800 

The branch, master has been updated
       via  3d3d01cda8d s3: smbd: Tweak openat_pathref_dirfsp_nosymlink() to 
NULL out fsp->fsp_name after calling fd_close() on intermediate directories, 
rather than before.
       via  c844bff3eca selftest: Show vfs_virusscanner crashes when traversing 
a 2-level directory tree.
      from  1421969b86b CI: add a test for @GMT mask in SMB1 find

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 3d3d01cda8d3a6d0d18d1b808aa9414e71d56062
Author: Jeremy Allison <j...@samba.org>
Date:   Thu Jan 12 11:20:08 2023 -0800

    s3: smbd: Tweak openat_pathref_dirfsp_nosymlink() to NULL out fsp->fsp_name 
after calling fd_close() on intermediate directories, rather than before.
    
    vfs_virusfilter expects a non-NULL fsp->fsp_name to use for printing debugs
    (it always indirects fsp->fsp_name). vfs_fruit also does the same, so would
    also crash in fruit_close() with 'debug level = 10' and 
vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no
    set (we don't test with that which is why we haven't noticed
    this before).
    
    Remove knownfail.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15283
    
    Signed-off-by: Jeremy Allison <j...@samba.org>
    Reviewed-by: Volker Lendecke <v...@samba.org>
    
    Autobuild-User(master): Volker Lendecke <v...@samba.org>
    Autobuild-Date(master): Fri Jan 13 08:33:47 UTC 2023 on sn-devel-184

commit c844bff3eca336547c6cedfeeb03adda4eed57c6
Author: Jeremy Allison <j...@samba.org>
Date:   Thu Jan 12 10:22:09 2023 -0800

    selftest: Show vfs_virusscanner crashes when traversing a 2-level directory 
tree.
    
    Modify check_infected_read() test to use a 2-level deep
    directory.
    
    We must have vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no
    set on the virusscanner share as otherwise the openat flag
    shortcut defeats the test.
    
    Add knownfail.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15283
    
    Signed-off-by: Jeremy Allison <j...@samba.org>
    Reviewed-by: Volker Lendecke <v...@samba.org>

-----------------------------------------------------------------------

Summary of changes:
 selftest/target/Samba3.pm                  |  1 +
 source3/script/tests/test_virus_scanner.sh | 25 ++++++++++++++++++-------
 source3/smbd/files.c                       |  4 ++--
 3 files changed, 21 insertions(+), 9 deletions(-)


Changeset truncated at 500 lines:

diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index c6cdc84b615..6f93694f1b3 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -1998,6 +1998,7 @@ sub setup_fileserver
        virusfilter:infected files = *infected*
        virusfilter:infected file action = rename
        virusfilter:scan on close = yes
+       vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no
 
 [volumeserialnumber]
        path = $volume_serial_number_sharedir
diff --git a/source3/script/tests/test_virus_scanner.sh 
b/source3/script/tests/test_virus_scanner.sh
index 913c353028b..83b50df915f 100755
--- a/source3/script/tests/test_virus_scanner.sh
+++ b/source3/script/tests/test_virus_scanner.sh
@@ -26,25 +26,36 @@ check_infected_read()
 {
        rm -rf "${sharedir:?}"/*
 
-       if ! touch "${sharedir}/infected.txt"; then
-               echo "ERROR: Cannot create ${sharedir}/infected.txt"
+       if ! mkdir "${sharedir}/read1"; then
+               echo "ERROR: Cannot create ${sharedir}/read1"
+               return 1
+       fi
+
+       if ! mkdir "${sharedir}/read1/read2"; then
+               echo "ERROR: Cannot create ${sharedir}/read1/read2"
                return 1
        fi
 
-       ${SMBCLIENT} "//${SERVER_IP}/${SHARE}" -U"${USER}"%"${PASSWORD}" -c 
"get infected.txt ${sharedir}/infected.download.txt"
+       if ! touch "${sharedir}/read1/read2/infected.txt"; then
+               echo "ERROR: Cannot create ${sharedir}/read1/read2/infected.txt"
+               return 1
+       fi
+
+       ${SMBCLIENT} "//${SERVER_IP}/${SHARE}" -U"${USER}"%"${PASSWORD}" -c 
"get read1/read2/infected.txt ${sharedir}/read1/read2/infected.download.txt"
 
        # check that virusfilter:rename prefix/suffix was added
-       if [ ! -f "${sharedir}/virusfilter.infected.txt.infected" ]; then
-               echo "ERROR: ${sharedir}/virusfilter.infected.txt.infected is 
missing."
+       if [ ! -f "${sharedir}/read1/read2/virusfilter.infected.txt.infected" 
]; then
+               echo "ERROR: 
${sharedir}/read1/read2/virusfilter.infected.txt.infected is missing."
                return 1
        fi
 
        # check that file was not downloaded
-       if [ -f "${sharedir}/infected.download.txt" ]; then
-               echo "ERROR: {sharedir}/infected.download.txt should not exist."
+       if [ -f "${sharedir}/read1/read2/infected.download.txt" ]; then
+               echo "ERROR: {sharedir}/read1/read2/infected.download.txt 
should not exist."
                return 1
        fi
 
+       rm -rf "${sharedir:?}"/*
        return 0
 }
 
diff --git a/source3/smbd/files.c b/source3/smbd/files.c
index 87684b1984d..792e9424bdc 100644
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -1058,9 +1058,9 @@ next:
        }
 
        if (dirfsp != conn->cwd_fsp) {
-               dirfsp->fsp_name = NULL;
                SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1);
                fd_close(dirfsp);
+               dirfsp->fsp_name = NULL;
                file_free(NULL, dirfsp);
                dirfsp = NULL;
        }
@@ -1122,9 +1122,9 @@ fail:
        }
 
        if ((dirfsp != NULL) && (dirfsp != conn->cwd_fsp)) {
-               dirfsp->fsp_name = NULL;
                SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1);
                fd_close(dirfsp);
+               dirfsp->fsp_name = NULL;
                file_free(NULL, dirfsp);
                dirfsp = NULL;
        }


-- 
Samba Shared Repository

Reply via email to