The branch, master has been updated
via 10b0a8b smbd: Avoid large reads beyond EOF
from 07e2f47 Fix the smb2_setinfo to handle FS info types and FSQUOTA
infolevel
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 10b0a8baa25fab70df8e6c5f0048ce0963211517
Author: Volker Lendecke <v...@samba.org>
Date: Wed Apr 27 12:15:37 2016 +0200
smbd: Avoid large reads beyond EOF
With unix extensions and oplocks=no mount.cifs from jessie reads beyond the
file end forever, and we are happy to return zeros....
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11878
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
Autobuild-User(master): Jeremy Allison <j...@samba.org>
Autobuild-Date(master): Wed Apr 27 23:57:56 CEST 2016 on sn-devel-144
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/reply.c | 10 ++++++++++
1 file changed, 10 insertions(+)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index cbe15a3..e0e55c6 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -4100,6 +4100,16 @@ normal_read:
uint8_t headerbuf[smb_size + 2*12 + 1 /* padding byte */];
ssize_t ret;
+ if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) ||
+ (startpos > fsp->fsp_name->st.st_ex_size) ||
+ (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) {
+ /*
+ * We already know that we would do a short
+ * read, so don't try the sendfile() path.
+ */
+ goto nosendfile_read;
+ }
+
construct_reply_common_req(req, (char *)headerbuf);
setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
--
Samba Shared Repository
