The branch, master has been updated
       via  64c0367 s3: Fix a crash in reply_lockingX_error
      from  c2dee12 vfs_dirsort: Remove unnecessary return; statement

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 64c0367335fab0137e65f8cfa35af77ff854f654
Author: Volker Lendecke <[email protected]>
Date:   Tue Aug 7 22:25:53 2012 +0200

    s3: Fix a crash in reply_lockingX_error
    
    A timed brlock with 2 locks comes in and the second one blocks,
    file is closed. smbd_cancel_pending_lock_requests_by_fid sets
    blr->fsp to NULL. reply_lockingX_error (called via
    MSG_SMB_BLOCKING_LOCK_CANCEL) dereferences blr->fsp because
    blr->lock_num==1 (the second one blocked).
    
    This patch fixes the bug by only undoing the locks if fsp!=NULL.
    fsp==NULL is the close case where everything is undone anyway.
    
    Thanks to Peter Somogyi, [email protected] for this bug report.
    
    Autobuild-User(master): Jeremy Allison <[email protected]>
    Autobuild-Date(master): Wed Aug  8 04:12:04 CEST 2012 on sn-devel-104

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/blocking.c |   15 +++++++++++----
 1 files changed, 11 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/blocking.c b/source3/smbd/blocking.c
index 3a45a27..95d6c33 100644
--- a/source3/smbd/blocking.c
+++ b/source3/smbd/blocking.c
@@ -336,7 +336,7 @@ static void generic_blocking_lock_error(struct 
blocking_lock_record *blr, NTSTAT
  obtained first.
 *****************************************************************************/
 
-static void reply_lockingX_error(struct blocking_lock_record *blr, NTSTATUS 
status)
+static void undo_locks_obtained(struct blocking_lock_record *blr)
 {
        files_struct *fsp = blr->fsp;
        uint16 num_ulocks = SVAL(blr->req->vwv+6, 0);
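Review bot: `undo_locks_obtained` still loads `fsp` from `blr->fsp` on its first line with no check of its own, so the NULL case is excluded only by the guard in `blocking_lock_reply_error`. The commit message describes a client-driven sequence (a timed lock request followed by a close) that leaves `blr->fsp` NULL, so the helper would be more robust carrying the check itself, `if (fsp == NULL) { return; }` after the declarations. Failing that, its header comment should state the precondition, for example `/* Caller must ensure blr->fsp != NULL. */`. The function body continues outside this hunk, so the point where `fsp` is first dereferenced is not visible here.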
@@ -380,8 +380,6 @@ static void reply_lockingX_error(struct 
blocking_lock_record *blr, NTSTATUS stat
                        offset,
                        WINDOWS_LOCK);
        }
-
-       generic_blocking_lock_error(blr, status);
 }
 
 /****************************************************************************
@@ -394,7 +392,16 @@ static void blocking_lock_reply_error(struct 
blocking_lock_record *blr, NTSTATUS
 
        switch(blr->req->cmd) {
        case SMBlockingX:
-               reply_lockingX_error(blr, status);
+               /*
+                * This code can be called during the rundown of a
+                * file after it was already closed. In that case,
+                * blr->fsp==NULL and we do not need to undo any
+                * locks, they are already gone.
+                */
+               if (blr->fsp != NULL) {
+                       undo_locks_obtained(blr);
+               }
+               generic_blocking_lock_error(blr, status);
                break;
        case SMBtrans2:
        case SMBtranss2:
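Review bot: `generic_blocking_lock_error(blr, status)` is still reached with `blr->fsp == NULL` on the close path, and its body is not part of this diff, so it is worth confirming that it never touches `blr->fsp` unguarded. The same question applies to the `SMBtrans2`/`SMBtranss2` case, whose handler follows outside the hunk. If either one does, the guard added here only moves the NULL dereference further along the same cancel path. A regression test that issues a timed two-lock request and closes the file while the second lock is pending would pin the fixed behaviour.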


-- 
Samba Shared Repository
