[SCM] SAMBA-CTDB repository - branch v3-2-ctdb updated - 3.2.11-ctdb-69-7-gaf1e35a

Mon, 25 Jan 2010 06:48:41 -0800 

The branch, v3-2-ctdb has been updated
       via  af1e35a613fbd4b8671bffbd848493911ef5a7f4 (commit)
      from  1025a2611688afbe8ce461e476989c7740dd2cb3 (commit)

http://gitweb.samba.org/?p=obnox/samba-ctdb.git;a=shortlog;h=v3-2-ctdb


- Log -----------------------------------------------------------------
commit af1e35a613fbd4b8671bffbd848493911ef5a7f4
Author: Jeremy Allison <[email protected]>
Date:   Mon Sep 28 13:52:57 2009 +0200

    Fix for CVE-2009-2813.
    
    ===========================================================
    == Subject:     Misconfigured /etc/passwd file may share folders 
unexpectedly
    ==
    == CVE ID#:     CVE-2009-2813
    ==
    == Versions:    All versions of Samba later than 3.0.11
    ==
    == Summary:     If a user in /etc/passwd is misconfigured to have
    ==              an empty home directory then connecting to the home
    ==              share of this user will use the root of the filesystem
    ==              as the home directory.
    ===========================================================

-----------------------------------------------------------------------

Summary of changes:
 source/param/loadparm.c |    7 ++++++-
 source/smbd/service.c   |    6 +++++-
 2 files changed, 11 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/param/loadparm.c b/source/param/loadparm.c
index 441fc62..ddb7181 100644
--- a/source/param/loadparm.c
+++ b/source/param/loadparm.c
@@ -5831,6 +5831,11 @@ bool lp_add_home(const char *pszHomename, int 
iDefaultService,
 {
        int i;
 
+       if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
+                       pszHomedir[0] == '\0') {
+               return false;
+       }
+
        i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
 
        if (i < 0)
@@ -7823,7 +7828,7 @@ static void lp_add_auto_services(char *str)
 
                home = get_user_home_dir(talloc_tos(), p);
 
-               if (home && homes >= 0)
+               if (home && home[0] && homes >= 0)
                        lp_add_home(p, homes, p, home);
 
                TALLOC_FREE(home);
diff --git a/source/smbd/service.c b/source/smbd/service.c
index ffd63ac..a7eb70b 100644
--- a/source/smbd/service.c
+++ b/source/smbd/service.c
@@ -55,6 +55,10 @@ bool set_conn_connectpath(connection_struct *conn, const 
char *connectpath)
        const char *s = connectpath;
         bool start_of_name_component = true;
 
+       if (connectpath == NULL || connectpath[0] == '\0') {
+               return false;
+       }
+
        destname = SMB_STRDUP(connectpath);
        if (!destname) {
                return false;
@@ -260,7 +264,7 @@ int add_home_service(const char *service, const char 
*username, const char *home
 {
        int iHomeService;
 
-       if (!service || !homedir)
+       if (!service || !homedir || homedir[0] == '\0')
                return -1;
 
        if ((iHomeService = lp_servicenumber(HOMES_NAME)) < 0) {


-- 
SAMBA-CTDB repository

Reply via email to