[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f4f3abf ldb_tdb: Use mem_ctx and so avoid leak onto long-term memory on duplicated add. from 5ef6775 smbd: don't call change_to_root_user() before change_to_guest() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f4f3abfa0e18bb4968b37b1cac40cd8c185c8d7b Author: Andrew Bartlett Date: Wed Jun 13 11:20:00 2018 +0200 ldb_tdb: Use mem_ctx and so avoid leak onto long-term memory on duplicated add. After a duplicated add a small amount of memory can be leaked onto a long-term context. Found by Andrej Gessel https://github.com/andiges https://github.com/samba-team/samba/commit/e8fb45125e6a279b918694668e0d4fbddac10aee#commitcomment-29334102 BUG: https://bugzilla.samba.org/show_bug.cgi?id=13471 Signed-off-by: Andrew Bartlett Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Jun 15 04:39:41 CEST 2018 on sn-devel-144 --- Summary of changes: lib/ldb/ldb_tdb/ldb_tdb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/ldb_tdb/ldb_tdb.c b/lib/ldb/ldb_tdb/ldb_tdb.c index 8581604..51d6087 100644 --- a/lib/ldb/ldb_tdb/ldb_tdb.c +++ b/lib/ldb/ldb_tdb/ldb_tdb.c @@ -626,7 +626,7 @@ static int ltdb_add_internal(struct ldb_module *module, if (mem_ctx == NULL) { return ldb_module_operr(module); } - ret2 = ltdb_search_base(module, module, + ret2 = ltdb_search_base(module, mem_ctx, msg->dn, ); TALLOC_FREE(mem_ctx); if (ret2 == LDB_SUCCESS) { -- Samba Shared Repository
autobuild[sn-devel-144]: intermittent test failure detected
The autobuild test system (on sn-devel-144) has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: https://git.samba.org/autobuild.flakey.sn-devel-144/2018-06-15-0052/flakey.log The failure seems to be in the "samba-ad-dc" suite, whose build logs are available here: https://git.samba.org/autobuild.flakey.sn-devel-144/2018-06-15-0052/samba-ad-dc.stderr https://git.samba.org/autobuild.flakey.sn-devel-144/2018-06-15-0052/samba-ad-dc.stdout The top commit at the time of the failure was: commit 5ef6775919e83fdae66385db8d1579fa259602f1 Author: Stefan Metzmacher Date: Wed May 23 14:26:37 2018 +0200 smbd: don't call change_to_root_user() before change_to_guest() This is just an optimization and it makes it clearer that calling change_to_root_user() just before change_to_guest() is useless and confusing. We call change_to_guest() before set_current_service() now, but that has no impact as we pass 'do_chdir=false' as AS_GUEST is never mixed with AS_USER or DO_CHDIR. Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Thu Jun 14 23:38:55 CEST 2018 on sn-devel-144 and the last 50 lines of the stdout log were: INFO: Received PING message from server 3003029.2147483652 [] INFO: Received PING message from server 3003029.3799498817 [] {"timestamp": "2018-06-15T00:52:25.070099+0200", "type": "dsdbChange", "dsdbChange": {"attributes": {"lastLogon": {"actions": [{"action": "replace", "values": [{"value": "131734903450680280"}]}]}, "logonCount": {"actions": [{"action": "replace", "values": [{"value": "2"}]}]}}, "version": {"major": 1, "minor": 0}, "status": "Success", "statusCode": 0, "operation": "Modify", "remoteAddress": null, "performedAsSystem": false, "userSid": "S-1-5-18", "dn": "CN=auditlogtestuser02,CN=Users,DC=addom,DC=samba,DC=example,DC=com", "transactionId": "863271e2-a57c-455f-95b6-62a8f6162e08", "sessionId": "9deb0205-738c-4f00-ad20-ed009775e3d1"}} INFO: Received PING message from server 3003029.195 [] {"timestamp": "2018-06-15T00:52:25.214548+0200", "Authorization": {"authType": "ncacn_np", "domain": "ADDOMAIN", "serviceDescription": "DCE/RPC", "version": {"major": 1, "minor": 1}, "logonServer": "ADDC", "remoteAddress": "ipv4:127.0.0.11:20798", "localAddress": "ipv4:127.0.0.30:445", "account": "auditlogtestuser02", "accountFlags": "0x0010", "sid": "S-1-5-21-4096988786-662615244-2204655363-1808", "sessionId": "1e5b83c8-a753-4f8a-bf3e-c2093a85e8c7", "transportProtection": "SMB"}, "type": "Authorization"} INFO: Received PING message from server 3003029.3471000960 [] {"timestamp": "2018-06-15T00:52:25.221230+0200", "type": "dsdbChange", "dsdbChange": {"attributes": {"clearTextPassword": {"actions": [{"action": "replace", "redacted": true}]}}, "version": {"major": 1, "minor": 0}, "status": "insufficient access rights", "statusCode": 50, "operation": "Modify", "remoteAddress": "ipv4:127.0.0.11:20798", "performedAsSystem": false, "userSid": "S-1-5-21-4096988786-662615244-2204655363-1808", "dn": "CN=auditlogtestuser,CN=Users,DC=addom,DC=samba,DC=example,DC=com", "transactionId": "a2189304-ef13-4e28-a4ce-8127b1758e52", "sessionId": "1e5b83c8-a753-4f8a-bf3e-c2093a85e8c7"}} INFO: Received PING message from server 3003029.3471000960 [] {"timestamp": "2018-06-15T00:52:25.221366+0200", "dsdbTransaction": {"action": "rollback", "version": {"major": 1, "minor": 0}, "transactionId": "a2189304-ef13-4e28-a4ce-8127b1758e52"}, "type": "dsdbTransaction"} INFO: Received PING message from server 3003029.2147483652 [] INFO: Received PING message from server 3003029.3799498817 [] {"timestamp": "2018-06-15T00:52:25.375530+0200", "type": "dsdbChange", "dsdbChange": {"attributes": {"lastLogon": {"actions": [{"action": "replace", "values": [{"value": "131734903453742590"}]}]}, "logonCount": {"actions": [{"action": "replace", "values": [{"value": "2389"}]}]}}, "version": {"major": 1, "minor": 0}, "status": "Success", "statusCode": 0, "operation": "Modify", "remoteAddress": null, "performedAsSystem": false, "userSid": "S-1-5-18", "dn": "CN=Administrator,CN=Users,DC=addom,DC=samba,DC=example,DC=com", "transactionId": "0af0d208-eef9-4095-83d1-224e0155467c", "sessionId": "9deb0205-738c-4f00-ad20-ed009775e3d1"}} INFO: Received PING message from server 3003029.2147483652 [] INFO: Received PING message from server 3003029.3799498817 [] {"timestamp": "2018-06-15T00:52:25.393000+0200", "type": "dsdbChange", "dsdbChange": {"attributes": {"lastLogon": {"actions": [{"action": "replace", "values": [{"value": "131734903453917700"}]}]}, "logonCount": {"actions": [{"action": "replace", "values": [{"value": "2390"}]}]}}, "version": {"major": 1, "minor": 0}, "status": "Success", "statusCode": 0, "operation": "Modify", "remoteAddress": null, "performedAsSystem": false, "userSid":
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5ef6775 smbd: don't call change_to_root_user() before change_to_guest() via 9393d95 smbd: remove useless allow_access() check for AS_GUEST via 51407b9 smbd: split out a fsp_flush_write_time_update() function from update_write_time_handler() via 553df61 smbd: make smbd_setup_sig_{term,hup}_handler() static via 55b1b55 vfs_glusterfs: use tevent_req_defer_callback() in order to use the correct event context via efce558 smbd: call samba_tevent_context_init() within create_conn_struct_as_root() via ee8ea5c smbd: use pconn = talloc_move(ctx, ) in create_conn_struct_as_root() via d156483 smbd: remove unused create_conn_struct() function via b5302c6 smbd: let create_conn_struct_tos() use create_conn_struct_as_root() directly via b71362b vfstest: make use of create_conn_struct_tos() via cdb875f smbd: remove unused create_conn_struct_cwd() function via 240c47c printing: convert delete_driver_files() to use create_conn_struct_tos_cwd() via ae32a26 printing: convert move_driver_to_download_area() to use create_conn_struct_tos_cwd() via 76297c3 printing: convert get_correct_cversion() to use create_conn_struct_tos_cwd() via e56bb42 printing: add an explicit talloc_stackframe() to delete_driver_files() via a2ad24f printing: add an explicit talloc_stackframe() to move_driver_to_download_area() via bad43d3 printing: add an explicit talloc_stackframe() to get_correct_cversion() via 7d493ea printing: add more 'const' to read only input pointers via 498830c s3:rpc_server/srvsvc: _srvsvc_NetSetFileSecurity form_junctions() to use create_conn_struct_tos_cwd() via f9860b6 s3:rpc_server/srvsvc: _srvsvc_NetGetFileSecurity() to use create_conn_struct_tos_cwd() via 185d471 s3:rpc_server/srvsvc: add an explicit talloc_stackframe() to _srvsvc_NetSetFileSecurity() via 44e3c03 s3:rpc_server/srvsvc: add an explicit talloc_stackframe() to _srvsvc_NetGetFileSecurity() via 36d3de0 smbd: convert form_junctions() to use create_conn_struct_tos_cwd() via bcb4d42 smbd: convert count_dfs_links() to use create_conn_struct_tos_cwd() via 73e5d47 smbd: convert get_referred_path() to use create_conn_struct_tos_cwd() via 42610e0 smbd: convert junction_to_local_path() to use create_conn_struct_tos_cwd() via 2401e25 smbd: add an explicit talloc_stackframe() to form_junctions() via 15ea2c1 smbd: add an explicit talloc_stackframe() to count_dfs_links() via e3837d3 smbd: add an explicit talloc_stackframe() to get_referred_path() via a9f5dcd smbd: add an explicit talloc_stackframe() to {create,remove}_msdfs_link() via ac922eb s3:rpc_server/fss: make use of create_conn_struct_tos() via 7983c70 s3:rpc_server/fss: use talloc_stackframe() for temporary memory via 96ac5a8 smbd: make use of create_conn_struct_tos() in get_nt_acl_no_snum() via 1566766 pysmbd: make use of create_conn_struct_tos() via 67ea594 pysmbd: remove explicit talloc_stackframe() from get_conn() and name it get_conn_tos() via 539f51f pysmbd: fix some talloc_stackframe() memory leaks and clean up the frame hierarchy in make_simple_acl(). via 7ef67df pysmbd: consitently use talloc_stackframe() for temporary memory via cbde2e3 pysmbd: remove useless explicit conn_free() from set_nt_acl_conn() via 66bc2c4 smbd: add create_conn_struct_tos[_cwd]() helper functions via ebae5e0 printing: remove unused arguments from delete_and_reload_printers() via 72bd688 printing: remove unused arguments from load_printers() from d33c355 CID 1416475: possibly dereferencing NULL in fruit_pread_meta https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5ef6775919e83fdae66385db8d1579fa259602f1 Author: Stefan Metzmacher Date: Wed May 23 14:26:37 2018 +0200 smbd: don't call change_to_root_user() before change_to_guest() This is just an optimization and it makes it clearer that calling change_to_root_user() just before change_to_guest() is useless and confusing. We call change_to_guest() before set_current_service() now, but that has no impact as we pass 'do_chdir=false' as AS_GUEST is never mixed with AS_USER or DO_CHDIR. Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Thu Jun 14 23:38:55 CEST 2018 on sn-devel-144 commit 9393d95f22276a5374f991746d48050fe0be47c5 Author: Stefan Metzmacher Date: Wed May 23 14:23:17 2018 +0200 smbd: remove useless allow_access() check for AS_GUEST We already call allow_access() when we accept the connection in smbd_add_connection().
[SCM] Socket Wrapper Repository - branch master updated
The branch, master has been updated via 5529ba0 swrap: Replace socket_fds linked list with an array from 321833e tests: Fix resouce leak in echo_srv tcp handling https://git.samba.org/?p=socket_wrapper.git;a=shortlog;h=master - Log - commit 5529ba060519017bb71de5de6e7b81e5b3d56ccf Author: Anoop C S Date: Sun Jun 10 13:19:14 2018 +0530 swrap: Replace socket_fds linked list with an array This fixes the following bug: As we are using a doubly linked list, we need a mutex which needs to be locked when we are reading it that we do not end up with invalid pointers. The following can happen: We are in swrap_close() which calls find_socket_info_fd() this locks the mutex for the linked list. Now we get a singal SIGCHILD and the signal handler is called. The signal handler calls swrap_write() and we try to find out if the socket is managed by socket_wrapper calling find_socket_info_fd() again -> DEADLOCK! By moving to an array to handle the socket fds and using the fd as the array access, we do not need a mutex for reading anymore. All we need is a memory barrier. This change also improves the performance as we move from the a linked list to a hash table! Pair-Programmed-With: Andreas Schneider Signed-off-by: Anoop C S Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher --- Summary of changes: src/socket_wrapper.c | 314 --- 1 file changed, 122 insertions(+), 192 deletions(-) Changeset truncated at 500 lines: diff --git a/src/socket_wrapper.c b/src/socket_wrapper.c index 6c9ec51..a22f7dc 100644 --- a/src/socket_wrapper.c +++ b/src/socket_wrapper.c @@ -142,6 +142,10 @@ enum swrap_dbglvl_e { } while(0) #endif +#ifndef SAFE_FREE +#define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0) +#endif + #ifndef discard_const #define discard_const(ptr) ((void *)((uintptr_t)(ptr))) #endif @@ -198,68 +202,6 @@ enum swrap_dbglvl_e { pthread_mutex_unlock(>meta.mutex); \ } while(0) -#define DLIST_ADD(list, item) do { \ - if (!(list)) { \ - (item)->prev= NULL; \ - (item)->next= NULL; \ - (list) = (item); \ - } else { \ - (item)->prev= NULL; \ - (item)->next= (list); \ - (list)->prev= (item); \ - (list) = (item); \ - } \ -} while (0) - -#define SWRAP_DLIST_ADD(list, item) do { \ - SWRAP_LOCK(list); \ - DLIST_ADD(list, item); \ - SWRAP_UNLOCK(list); \ -} while (0) - -#define DLIST_REMOVE(list, item) do { \ - if ((list) == (item)) { \ - (list) = (item)->next; \ - if (list) { \ - (list)->prev= NULL; \ - } \ - } else { \ - if ((item)->prev) { \ - (item)->prev->next = (item)->next; \ - } \ - if ((item)->next) { \ - (item)->next->prev = (item)->prev; \ - } \ - } \ - (item)->prev= NULL; \ - (item)->next= NULL; \ -} while (0) - -#define SWRAP_DLIST_REMOVE(list,item) do { \ - SWRAP_LOCK(list); \ - DLIST_REMOVE(list, item); \ - SWRAP_UNLOCK(list); \ -} while (0) - -#define DLIST_ADD_AFTER(list, item, el) do { \ - if ((list) == NULL || (el) == NULL) { \ - DLIST_ADD(list, item); \ - } else { \ - (item)->prev = (el); \ - (item)->next = (el)->next; \ - (el)->next = (item); \ - if ((item)->next != NULL) { \ - (item)->next->prev = (item); \ - } \ - } \ -} while (0) - -#define SWRAP_DLIST_ADD_AFTER(list, item, el) do { \ - SWRAP_LOCK(list); \ - DLIST_ADD_AFTER(list, item, el); \ - SWRAP_UNLOCK(list); \ -} while (0) - #if defined(HAVE_GETTIMEOFDAY_TZ) || defined(HAVE_GETTIMEOFDAY_TZ_VOID) #define swrapGetTimeOfDay(tval) gettimeofday(tval,NULL) #else @@ -288,7 +230,6 @@ enum swrap_dbglvl_e { #define SOCKET_MAX_SOCKETS 1024 - /* * Maximum number of socket_info structures that can * be used. Can be overriden by the environment variable @@ -316,17 +257,6 @@ struct swrap_address { } sa; }; -struct socket_info_fd { - struct socket_info_fd *prev, *next; - int fd; - - /* -* Points to corresponding index in array of -* socket_info structures -*/ - int si_index; -}; - int first_free; struct socket_info @@ -376,7 +306,7 @@ static size_t max_sockets = 0; * numerical value gets changed. So its better to store it locally to each * process rather than including