The branch, v4-17-test has been updated
via ec6a057e690 s3: smbd: Fix fsp/fd leak when looking up a
non-existent stream name on a file.
via 460bc1897a3 s3: tests: Add new test_stream_dir_rename.sh test.
via 1caac94128e s3: provision: Add new streams_xattr_nostrict share -
needs "strict rename = no".
from bfbb854d746 rpcd: With npa->need_idle_server we can have more than
256 servers
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-17-test
- Log -----------------------------------------------------------------
commit ec6a057e6908408c7d64f6da7e5b11503d14a144
Author: Jeremy Allison <j...@samba.org>
Date: Tue Feb 28 11:20:12 2023 -0800
s3: smbd: Fix fsp/fd leak when looking up a non-existent stream name on a
file.
When open_stream_pathref_fsp() returns
NT_STATUS_OBJECT_NAME_NOT_FOUND, smb_fname_rel->fsp
has been set to NULL, so we must free base_fsp separately
to prevent fd-leaks when opening a stream that doesn't
exist.
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15314
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
Autobuild-User(master): Ralph Böhme <s...@samba.org>
Autobuild-Date(master): Fri Mar 3 16:37:27 UTC 2023 on atb-devel-224
(cherry picked from commit 3f84a6df4546e0f1e62dfbcd0b823ea29499a787)
Autobuild-User(v4-17-test): Jule Anger <jan...@samba.org>
Autobuild-Date(v4-17-test): Wed Mar 8 10:11:41 UTC 2023 on sn-devel-184
commit 460bc1897a3031728a505e660155f55a0762e5c8
Author: Jeremy Allison <j...@samba.org>
Date: Tue Feb 28 11:18:10 2023 -0800
s3: tests: Add new test_stream_dir_rename.sh test.
Shows we are leaking an fsp/fd if we request a non-existent stream on a
file.
This then causes rename of a directory containing the file to be denied, as
it thinks we have an existing open file below it.
Add knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15314
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit c54bec26ad23b0121b2ddfbf04bc81050f27e6e1)
commit 1caac94128e66884c7a844ddb3c6ef1f02d20bdc
Author: Jeremy Allison <j...@samba.org>
Date: Tue Feb 28 11:14:34 2023 -0800
s3: provision: Add new streams_xattr_nostrict share - needs "strict rename
= no".
The bug we're testing for needs "strict rename = no" (the default),
but the existing streams_xattr share uses "strict rename = yes" from
the [global] section.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15314
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 5a3db5105bd8360b245cd35810002740ccff605c)
-----------------------------------------------------------------------
Summary of changes:
selftest/target/Samba3.pm | 5 ++
source3/script/tests/test_stream_dir_rename.sh | 72 ++++++++++++++++++++++++++
source3/selftest/tests.py | 4 ++
source3/smbd/filename.c | 21 ++++++++
4 files changed, 102 insertions(+)
create mode 100755 source3/script/tests/test_stream_dir_rename.sh
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index c22b382a24e..f9c732284c2 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -3434,6 +3434,11 @@ sub provision($$)
copy = tmp
vfs objects = streams_xattr xattr_tdb
+[streams_xattr_nostrict]
+ copy = tmp
+ strict rename = no
+ vfs objects = streams_xattr xattr_tdb
+
[acl_streams_xattr]
copy = tmp
vfs objects = acl_xattr streams_xattr fake_acls xattr_tdb
diff --git a/source3/script/tests/test_stream_dir_rename.sh
b/source3/script/tests/test_stream_dir_rename.sh
new file mode 100755
index 00000000000..7ac3194f649
--- /dev/null
+++ b/source3/script/tests/test_stream_dir_rename.sh
@@ -0,0 +1,72 @@
+#!/bin/sh
+#
+# Test a stream can rename a directory once an invalid stream path below it
was requested.
+# BUG: https://bugzilla.samba.org/show_bug.cgi?id=15314
+
+if [ $# -lt 5 ]; then
+ cat <<EOF
+Usage: test_stream_dir_rename.sh SERVER USERNAME PASSWORD PREFIX SMBCLIENT
+EOF
+ exit 1
+fi
+
+SERVER="${1}"
+USERNAME="${2}"
+PASSWORD="${3}"
+PREFIX="${4}"
+SMBCLIENT="${5}"
+SMBCLIENT="$VALGRIND ${SMBCLIENT}"
+shift 5
+
+incdir=$(dirname $0)/../../../testprogs/blackbox
+. $incdir/subunit.sh
+
+failed=0
+
+# Do not let deprecated option warnings muck this up
+SAMBA_DEPRECATED_SUPPRESS=1
+export SAMBA_DEPRECATED_SUPPRESS
+
+test_stream_xattr_rename()
+{
+ tmpfile=$PREFIX/smbclient_interactive_prompt_commands
+ #
+ # Test against streams_xattr_nostrict
+ #
+ cat >$tmpfile <<EOF
+deltree stream_xattr_test
+deltree stream_xattr_test1
+mkdir stream_xattr_test
+put ${PREFIX}/smbclient_interactive_prompt_commands stream_xattr_test/file.txt
+get stream_xattr_test/file.txt:abcf
+rename stream_xattr_test stream_xattr_test1
+deltree stream_xattr_test
+deltree stream_xattr_test1
+quit
+EOF
+ cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD
//$SERVER/streams_xattr_nostrict < $tmpfile 2>&1'
+ eval echo "$cmd"
+ out=$(eval $cmd)
+ ret=$?
+ rm -f $tmpfile
+
+ if [ $ret -ne 0 ]; then
+ echo "$out"
+ echo "failed rename on xattr stream test to test1 with error
$ret"
+ return 1
+ fi
+
+ echo "$out" | grep "NT_STATUS_ACCESS_DENIED"
+ ret=$?
+ if [ $ret -eq 0 ]; then
+ echo "$out"
+ echo "failed rename on xattr stream with
NT_STATUS_ACCESS_DENIED"
+ return 1
+ fi
+}
+
+testit "stream_rename" \
+ test_stream_xattr_rename ||
+ failed=$((failed + 1))
+
+testok "$0" "$failed"
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index c15f9741cb4..2c5ae8cff4f 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -645,6 +645,10 @@ for env in ["fileserver"]:
[os.path.join(samba3srcdir,
"script/tests/test_veto_files.sh"),
'$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD',
'$LOCAL_PATH/veto', smbclient3])
+ plantestsuite("samba3.blackbox.stream_dir_rename", env,
+ [os.path.join(samba3srcdir,
"script/tests/test_stream_dir_rename.sh"),
+ '$SERVER', '$USERNAME', '$PASSWORD', '$PREFIX', smbclient3])
+
#
# tar command tests
#
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index 2e03c6a5ab7..326c2812bb2 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -1412,6 +1412,16 @@ static NTSTATUS filename_convert_dirfsp_nosymlink(
status = NT_STATUS_NO_MEMORY;
goto fail;
}
+ /*
+ * When open_stream_pathref_fsp() returns
+ * NT_STATUS_OBJECT_NAME_NOT_FOUND, smb_fname_rel->fsp
+ * has been set to NULL, so we must free base_fsp separately
+ * to prevent fd-leaks when opening a stream that doesn't
+ * exist.
+ */
+ fd_close(base_fsp);
+ file_free(NULL, base_fsp);
+ base_fsp = NULL;
goto done;
}
@@ -1428,6 +1438,17 @@ done:
return NT_STATUS_OK;
fail:
+ /*
+ * If open_stream_pathref_fsp() returns an error, smb_fname_rel->fsp
+ * has been set to NULL, so we must free base_fsp separately
+ * to prevent fd-leaks when opening a stream that doesn't
+ * exist.
+ */
+ if (base_fsp != NULL) {
+ fd_close(base_fsp);
+ file_free(NULL, base_fsp);
+ base_fsp = NULL;
+ }
TALLOC_FREE(dirname);
TALLOC_FREE(smb_dirname);
TALLOC_FREE(smb_fname_rel);
--
Samba Shared Repository
