The branch, master has been updated
       via  f3df83a2c34 lib/adouble: pass filesize to ad_unpack()
       via  9a3da6bebcd lib/adouble: drop ad_data reallocate logic
       via  baaaf59e948 lib/adouble: README.Coding fix: multi-line if expression
       via  f0c8ac47a46 lib/adouble: fix a long line
       via  b63069db9fb torture: expand test "vfs.fruit.resource fork IO" to 
check size
      from  ef58222616f CVE-2019-14833 dsdb: send full password to check 
password script

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit f3df83a2c346d945487a27a9d258ee6331ea7dbb
Author: Ralph Boehme <s...@samba.org>
Date:   Thu Oct 24 17:15:18 2019 +0200

    lib/adouble: pass filesize to ad_unpack()
    
    ad_unpack() needs the filesize, not the capped IO size we're using in the 
caller
    to read up to "size" bytes from the ._ AppleDouble file.
    
    This fixes a regression introduced by 
bdc257a1cbac7e8c73a084b618ba642476807483
    for bug 13968.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
    RN: vfs_fruit returns capped resource fork length
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Stefan Metzmacher <me...@samba.org>
    
    Autobuild-User(master): Ralph Böhme <s...@samba.org>
    Autobuild-Date(master): Wed Oct 30 14:52:34 UTC 2019 on sn-devel-184

commit 9a3da6bebcdb924ca2027337544d79ac2088677e
Author: Ralph Boehme <s...@samba.org>
Date:   Fri Oct 25 15:21:32 2019 +0200

    lib/adouble: drop ad_data reallocate logic
    
    Simply set the buffer size to AD_XATTR_MAX_HDR_SIZE. When reading the
    AppleDouble file, read up to AD_XATTR_MAX_HDR_SIZE from the file.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Stefan Metzmacher <me...@samba.org>

commit baaaf59e948df625b01fa8b6317ab5c3babb4e8f
Author: Ralph Boehme <s...@samba.org>
Date:   Thu Oct 24 17:26:08 2019 +0200

    lib/adouble: README.Coding fix: multi-line if expression
    
    Also remove a TAB.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Stefan Metzmacher <me...@samba.org>

commit f0c8ac47a4608eabeae334d39885aab98198b753
Author: Ralph Boehme <s...@samba.org>
Date:   Thu Oct 24 17:17:28 2019 +0200

    lib/adouble: fix a long line
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Stefan Metzmacher <me...@samba.org>

commit b63069db9fb6efb33b7b917cd5b0ee06b0da9cdc
Author: Ralph Boehme <s...@samba.org>
Date:   Fri Oct 25 15:41:40 2019 +0200

    torture: expand test "vfs.fruit.resource fork IO" to check size
    
    Reveals a bug where the resource fork size is capped at 65454 bytes.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Stefan Metzmacher <me...@samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/lib/adouble.c       | 57 +++++++++++++++++++++++++--------------------
 source4/torture/vfs/fruit.c | 29 +++++++++++++++++++++++
 2 files changed, 61 insertions(+), 25 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/adouble.c b/source3/lib/adouble.c
index 5cac5dbd9bb..84198ab2000 100644
--- a/source3/lib/adouble.c
+++ b/source3/lib/adouble.c
@@ -2151,8 +2151,7 @@ static ssize_t ad_read_rsrc_adouble(vfs_handle_struct 
*handle,
                                    struct adouble *ad,
                                    const struct smb_filename *smb_fname)
 {
-       char *p_ad = NULL;
-       size_t size;
+       size_t to_read;
        ssize_t len;
        int ret;
        bool ok;
@@ -2164,35 +2163,26 @@ static ssize_t ad_read_rsrc_adouble(vfs_handle_struct 
*handle,
                return -1;
        }
 
-       /*
-        * AppleDouble file header content and size, two cases:
-        *
-        * - without xattrs it is exactly AD_DATASZ_DOT_UND (82) bytes large
-        * - with embedded xattrs it can be larger, up to AD_XATTR_MAX_HDR_SIZE
-        *
-        * Read as much as we can up to AD_XATTR_MAX_HDR_SIZE.
-        */
-       size = ad->ad_fsp->fsp_name->st.st_ex_size;
-       if (size > talloc_array_length(ad->ad_data)) {
-               if (size > AD_XATTR_MAX_HDR_SIZE) {
-                       size = AD_XATTR_MAX_HDR_SIZE;
-               }
-               p_ad = talloc_realloc(ad, ad->ad_data, char, size);
-               if (p_ad == NULL) {
-                       return -1;
-               }
-               ad->ad_data = p_ad;
+       to_read = ad->ad_fsp->fsp_name->st.st_ex_size;
+       if (to_read > AD_XATTR_MAX_HDR_SIZE) {
+               to_read = AD_XATTR_MAX_HDR_SIZE;
        }
 
-       len = SMB_VFS_NEXT_PREAD(handle, ad->ad_fsp, ad->ad_data, 
talloc_array_length(ad->ad_data), 0);
-       if (len != talloc_array_length(ad->ad_data)) {
+       len = SMB_VFS_NEXT_PREAD(handle,
+                                ad->ad_fsp,
+                                ad->ad_data,
+                                to_read,
+                                0);
+       if (len != to_read)  {
                DBG_NOTICE("%s %s: bad size: %zd\n",
                           smb_fname->base_name, strerror(errno), len);
                return -1;
        }
 
        /* Now parse entries */
-       ok = ad_unpack(ad, ADEID_NUM_DOT_UND, size);
+       ok = ad_unpack(ad,
+                      ADEID_NUM_DOT_UND,
+                      ad->ad_fsp->fsp_name->st.st_ex_size);
        if (!ok) {
                DBG_ERR("invalid AppleDouble resource %s\n",
                        smb_fname->base_name);
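Review bot: The SMB_VFS_NEXT_PREAD() length is no longer tied to the size of ad->ad_data: to_read is capped at AD_XATTR_MAX_HDR_SIZE, and the read stays in bounds only because ad_alloc() sizes ADOUBLE_RSRC buffers to that same constant in a later hunk of this diff. An explicit guard before the read, such as `if (to_read > talloc_array_length(ad->ad_data)) { errno = EINVAL; return -1; }`, would keep that invariant local to the function. Since ad_unpack() now receives the full st_ex_size while at most to_read bytes are in the buffer, it presumably has to bound header parsing by the buffer length rather than by that argument; its body is not in this diff, so that is worth confirming. The `len != to_read` comparison also mixes ssize_t with size_t, and strerror(errno) is logged on a short read, where errno may be stale. The function body starts and ends outside the hunk.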
@@ -2202,7 +2192,8 @@ static ssize_t ad_read_rsrc_adouble(vfs_handle_struct 
*handle,
 
        if ((ad_getentryoff(ad, ADEID_FINDERI) != ADEDOFF_FINDERI_DOT_UND)
            || (ad_getentrylen(ad, ADEID_FINDERI) < ADEDLEN_FINDERI)
-           || (ad_getentryoff(ad, ADEID_RFORK) < ADEDOFF_RFORK_DOT_UND)) {
+           || (ad_getentryoff(ad, ADEID_RFORK) < ADEDOFF_RFORK_DOT_UND))
+       {
                DBG_ERR("invalid AppleDouble resource %s\n",
                        smb_fname->base_name);
                errno = EINVAL;
@@ -2282,7 +2273,23 @@ static struct adouble *ad_alloc(TALLOC_CTX *ctx,
                adsize = AD_DATASZ_XATTR;
                break;
        case ADOUBLE_RSRC:
-               adsize = AD_DATASZ_DOT_UND;
+               /*
+                * AppleDouble ._ file case, optimize for fewer (but larger)
+                * IOs. Two cases:
+                *
+                * - without xattrs size of the header is exactly
+                *   AD_DATASZ_DOT_UND (82) bytes
+                *
+                * - with embedded xattrs it can be larger, up to
+                *   AD_XATTR_MAX_HDR_SIZE
+                *
+                * Larger headers are not supported, but this is a reasonable
+                * limit that is also employed by the macOS client.
+                *
+                * We used the largest possible size to be able to read the full
+                * header with one IO.
+                */
+               adsize = AD_XATTR_MAX_HDR_SIZE;
                break;
        default:
                return NULL;
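Review bot: The new comment presents AD_XATTR_MAX_HDR_SIZE as an IO optimisation only, but ad_read_rsrc_adouble() in this same diff now reads up to that many bytes into ad_data without consulting talloc_array_length(), so the size is also a bounds invariant. I would add a line such as `* ad_read_rsrc_adouble() relies on the buffer being at least this large.` and change "We used" to "We use". Every ADOUBLE_RSRC handle now allocates the maximum header size even when the header is the 82-byte case, which could be stated as the accepted trade-off. The switch and ad_alloc() continue outside the hunk.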
diff --git a/source4/torture/vfs/fruit.c b/source4/torture/vfs/fruit.c
index 3a6a198a658..94cbf277677 100644
--- a/source4/torture/vfs/fruit.c
+++ b/source4/torture/vfs/fruit.c
@@ -2397,6 +2397,35 @@ static bool test_write_atalk_rfork_io(struct 
torture_context *tctx,
                            fname, AFPRESOURCE_STREAM_NAME,
                            (off_t)64*1024*1024, 10, rfork_content);
 
+       /* Check size after write */
+
+       ZERO_STRUCT(io);
+       io.smb2.in.create_disposition = NTCREATEX_DISP_OPEN;
+       io.smb2.in.desired_access = SEC_FILE_READ_ATTRIBUTE |
+               SEC_FILE_WRITE_ATTRIBUTE;
+       io.smb2.in.fname = rfork;
+       status = smb2_create(tree, mem_ctx, &(io.smb2));
+       CHECK_STATUS(status, NT_STATUS_OK);
+       filehandle = io.smb2.out.file.handle;
+
+       torture_comment(tctx, "(%s) check resource fork size after write\n",
+           __location__);
+
+       ZERO_STRUCT(finfo);
+       finfo.generic.level = RAW_FILEINFO_ALL_INFORMATION;
+       finfo.generic.in.file.handle = filehandle;
+       status = smb2_getinfo_file(tree, mem_ctx, &finfo);
+       CHECK_STATUS(status, NT_STATUS_OK);
+       if (finfo.all_info.out.size != 64*1024*1024 + 10) {
+               torture_result(tctx, TORTURE_FAIL,
+                              "(%s) Incorrect resource fork size\n",
+                              __location__);
+               ret = false;
+               smb2_util_close(tree, filehandle);
+               goto done;
+       }
+       smb2_util_close(tree, filehandle);
+
        ret &= check_stream(tree, __location__, tctx, mem_ctx,
                            fname, AFPRESOURCE_STREAM_NAME,
                            (off_t)64*1024*1024, 10, 0, 10, rfork_content);
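Review bot: The failure message in the new size check does not report the size the server returned, so a regression shows only "Incorrect resource fork size". Adding it, e.g. `"(%s) Incorrect resource fork size: %llu\n", __location__, (unsigned long long)finfo.all_info.out.size`, would make a capped value visible in the test log. If CHECK_STATUS jumps to done on failure (the macro is not in this hunk), a failing smb2_getinfo_file() leaves filehandle open, unlike the explicit mismatch path, which closes it. The test function starts and ends outside the hunk.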


-- 
Samba Shared Repository
