The branch, master has been updated via 3d3d01cda8d s3: smbd: Tweak openat_pathref_dirfsp_nosymlink() to NULL out fsp->fsp_name after calling fd_close() on intermediate directories, rather than before. via c844bff3eca selftest: Show vfs_virusscanner crashes when traversing a 2-level directory tree. from 1421969b86b CI: add a test for @GMT mask in SMB1 find
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 3d3d01cda8d3a6d0d18d1b808aa9414e71d56062 Author: Jeremy Allison <j...@samba.org> Date: Thu Jan 12 11:20:08 2023 -0800 s3: smbd: Tweak openat_pathref_dirfsp_nosymlink() to NULL out fsp->fsp_name after calling fd_close() on intermediate directories, rather than before. vfs_virusfilter expects a non-NULL fsp->fsp_name to use for printing debugs (it always indirects fsp->fsp_name). vfs_fruit also does the same, so would also crash in fruit_close() with 'debug level = 10' and vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no set (we don't test with that which is why we haven't noticed this before). Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15283 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> Autobuild-User(master): Volker Lendecke <v...@samba.org> Autobuild-Date(master): Fri Jan 13 08:33:47 UTC 2023 on sn-devel-184 commit c844bff3eca336547c6cedfeeb03adda4eed57c6 Author: Jeremy Allison <j...@samba.org> Date: Thu Jan 12 10:22:09 2023 -0800 selftest: Show vfs_virusscanner crashes when traversing a 2-level directory tree. Modify check_infected_read() test to use a 2-level deep directory. We must have vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no set on the virusscanner share as otherwise the openat flag shortcut defeats the test. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15283 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> ----------------------------------------------------------------------- Summary of changes: selftest/target/Samba3.pm | 1 + source3/script/tests/test_virus_scanner.sh | 25 ++++++++++++++++++------- source3/smbd/files.c | 4 ++-- 3 files changed, 21 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index c6cdc84b615..6f93694f1b3 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -1998,6 +1998,7 @@ sub setup_fileserver virusfilter:infected files = *infected* virusfilter:infected file action = rename virusfilter:scan on close = yes + vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no [volumeserialnumber] path = $volume_serial_number_sharedir diff --git a/source3/script/tests/test_virus_scanner.sh b/source3/script/tests/test_virus_scanner.sh index 913c353028b..83b50df915f 100755 --- a/source3/script/tests/test_virus_scanner.sh +++ b/source3/script/tests/test_virus_scanner.sh @@ -26,25 +26,36 @@ check_infected_read() { rm -rf "${sharedir:?}"/* - if ! touch "${sharedir}/infected.txt"; then - echo "ERROR: Cannot create ${sharedir}/infected.txt" + if ! mkdir "${sharedir}/read1"; then + echo "ERROR: Cannot create ${sharedir}/read1" + return 1 + fi + + if ! mkdir "${sharedir}/read1/read2"; then + echo "ERROR: Cannot create ${sharedir}/read1/read2" return 1 fi - ${SMBCLIENT} "//${SERVER_IP}/${SHARE}" -U"${USER}"%"${PASSWORD}" -c "get infected.txt ${sharedir}/infected.download.txt" + if ! touch "${sharedir}/read1/read2/infected.txt"; then + echo "ERROR: Cannot create ${sharedir}/read1/read2/infected.txt" + return 1 + fi + + ${SMBCLIENT} "//${SERVER_IP}/${SHARE}" -U"${USER}"%"${PASSWORD}" -c "get read1/read2/infected.txt ${sharedir}/read1/read2/infected.download.txt" # check that virusfilter:rename prefix/suffix was added - if [ ! -f "${sharedir}/virusfilter.infected.txt.infected" ]; then - echo "ERROR: ${sharedir}/virusfilter.infected.txt.infected is missing." + if [ ! -f "${sharedir}/read1/read2/virusfilter.infected.txt.infected" ]; then + echo "ERROR: ${sharedir}/read1/read2/virusfilter.infected.txt.infected is missing." return 1 fi # check that file was not downloaded - if [ -f "${sharedir}/infected.download.txt" ]; then - echo "ERROR: {sharedir}/infected.download.txt should not exist." + if [ -f "${sharedir}/read1/read2/infected.download.txt" ]; then + echo "ERROR: {sharedir}/read1/read2/infected.download.txt should not exist." return 1 fi + rm -rf "${sharedir:?}"/* return 0 } diff --git a/source3/smbd/files.c b/source3/smbd/files.c index 87684b1984d..792e9424bdc 100644 --- a/source3/smbd/files.c +++ b/source3/smbd/files.c @@ -1058,9 +1058,9 @@ next: } if (dirfsp != conn->cwd_fsp) { - dirfsp->fsp_name = NULL; SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1); fd_close(dirfsp); + dirfsp->fsp_name = NULL; file_free(NULL, dirfsp); dirfsp = NULL; } @@ -1122,9 +1122,9 @@ fail: } if ((dirfsp != NULL) && (dirfsp != conn->cwd_fsp)) { - dirfsp->fsp_name = NULL; SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1); fd_close(dirfsp); + dirfsp->fsp_name = NULL; file_free(NULL, dirfsp); dirfsp = NULL; } -- Samba Shared Repository