The branch, master has been updated
via 9d7444b Fix second part of bug #8811 -
sd_has_inheritable_components segfaults on an SD that se_access_check accepts.
from 15eaaa0 s4:samba-tool: remove remains of patch conflict resolution
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 9d7444bfce7ebf583da31371142db33d928949f8
Author: Jeremy Allison <[email protected]>
Date: Fri Mar 16 15:26:57 2012 -0700
Fix second part of bug #8811 - sd_has_inheritable_components segfaults on
an SD that se_access_check accepts.
This fixes a coredump with a NULL DACL in
add_directory_inheritable_components().
Autobuild-User: Jeremy Allison <[email protected]>
Autobuild-Date: Sat Mar 17 01:05:57 CET 2012 on sn-devel-104
-----------------------------------------------------------------------
Summary of changes:
source3/modules/vfs_acl_common.c | 25 ++++++++++++++++++++-----
1 files changed, 20 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index ca303d3..241bc8f 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -179,7 +179,7 @@ static NTSTATUS create_acl_blob(const struct
security_descriptor *psd,
CREATOR_OWNER/CREATOR_GROUP/WORLD.
*******************************************************************/
-static void add_directory_inheritable_components(vfs_handle_struct *handle,
+static NTSTATUS add_directory_inheritable_components(vfs_handle_struct *handle,
const char *name,
SMB_STRUCT_STAT *psbuf,
struct security_descriptor *psd)
@@ -197,7 +197,7 @@ static void
add_directory_inheritable_components(vfs_handle_struct *handle,
num_aces + 3);
if (new_ace_list == NULL) {
- return;
+ return NT_STATUS_NO_MEMORY;
}
/* Fake a quick smb_filename. */
@@ -249,8 +249,19 @@ static void
add_directory_inheritable_components(vfs_handle_struct *handle,
SEC_ACE_FLAG_CONTAINER_INHERIT|
SEC_ACE_FLAG_OBJECT_INHERIT|
SEC_ACE_FLAG_INHERIT_ONLY);
- psd->dacl->aces = new_ace_list;
- psd->dacl->num_aces += 3;
+ if (psd->dacl) {
+ psd->dacl->aces = new_ace_list;
+ psd->dacl->num_aces += 3;
+ } else {
+ psd->dacl = make_sec_acl(talloc_tos(),
+ NT4_ACL_REVISION,
+ 3,
+ new_ace_list);
+ if (psd->dacl == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
+ return NT_STATUS_OK;
}
/*******************************************************************
@@ -406,10 +417,14 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct
*handle,
if (is_directory &&
!sd_has_inheritable_components(psd,
true)) {
- add_directory_inheritable_components(handle,
+ status = add_directory_inheritable_components(
+ handle,
name,
psbuf,
psd);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
}
/* The underlying POSIX module always sets
the ~SEC_DESC_DACL_PROTECTED bit, as ACLs
--
Samba Shared Repository
