Author: derrell Date: 2007-08-13 17:46:11 +0000 (Mon, 13 Aug 2007) New Revision: 24378
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=24378 Log: - ACL retrieval provided incomplete information because the buffer pointer was incremented too far in some circumstances. In these cases, only the first of multiple concatenated strings would be seen. - Working on bug 4649 pertaining to delete an ACL, this fixes the reported crash. It appears to have been an incomplete switchover from malloc to talloc, as the memory was still being freed with SAFE_FREE. Deleting ACLs still doesn't work. Although a valid request is sent to the server and a SUCCESS response is returned, the method that's used in libsmbclient for deleting ACLs seems to be incorrect. In looking at the samba4 torture tests, it appears that we should be turning on the INHERIT flag if we want to delete the ACL. (I could use some assistance on the proper flags to send, from anyone familiar with this stuff.) Derrell Modified: branches/SAMBA_3_0_25/source/libsmb/libsmbclient.c Changeset: Modified: branches/SAMBA_3_0_25/source/libsmb/libsmbclient.c =================================================================== --- branches/SAMBA_3_0_25/source/libsmb/libsmbclient.c 2007-08-13 17:45:03 UTC (rev 24377) +++ branches/SAMBA_3_0_25/source/libsmb/libsmbclient.c 2007-08-13 17:46:11 UTC (rev 24378) @@ -4537,6 +4537,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } if (! exclude_nt_owner) { @@ -4584,6 +4585,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } if (! exclude_nt_group) { @@ -4629,6 +4631,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } if (! exclude_nt_acl) { @@ -4719,6 +4722,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } } @@ -4793,6 +4797,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } if (! exclude_dos_size) { @@ -4837,6 +4842,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } if (! exclude_dos_create_time && @@ -4879,6 +4885,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } if (! exclude_dos_access_time) { @@ -4920,6 +4927,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } if (! exclude_dos_write_time) { @@ -4961,6 +4969,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } if (! exclude_dos_change_time) { @@ -5002,6 +5011,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } if (! exclude_dos_inode) { @@ -5046,6 +5056,7 @@ buf += n; n_used += n; bufsize -= n; + n = 0; } /* Restore name pointer to its original value */ @@ -5140,8 +5151,8 @@ switch (mode) { case SMBC_XATTR_MODE_REMOVE_ALL: old->dacl->num_aces = 0; - SAFE_FREE(old->dacl->aces); - SAFE_FREE(old->dacl); + prs_mem_free(old->dacl->aces); + prs_mem_free(&old->dacl); old->dacl = NULL; dacl = old->dacl; break; @@ -5160,8 +5171,8 @@ } old->dacl->num_aces--; if (old->dacl->num_aces == 0) { - SAFE_FREE(old->dacl->aces); - SAFE_FREE(old->dacl); + prs_mem_free(&old->dacl->aces); + prs_mem_free(&old->dacl); old->dacl = NULL; } found = True;
