Attachment #7542 for bug #40921

View | Details | Raw Unified | Return to bug 40921
Collapse All | Expand All




				files_struct *fsp,
				const SMB_STRUCT_STAT *psbuf);

/****************************************************************************
 Check if an open file handle or pathname is a symlink.
****************************************************************************/

static NTSTATUS refuse_symlink(connection_struct *conn,
			const files_struct *fsp,
			const char *name)
{
	SMB_STRUCT_STAT sbuf;
	const SMB_STRUCT_STAT *pst = NULL;

	if (fsp) {
		pst = &fsp->fsp_name->st;
	} else {
		int ret = vfs_stat_smb_fname(conn,
				name,
				&sbuf);
		if (ret == -1) {
			return map_nt_error_from_unix(errno);
		}
		pst = &sbuf;
	}
	if (S_ISLNK(pst->st_ex_mode)) {
		return NT_STATUS_ACCESS_DENIED;
	}
	return NT_STATUS_OK;
}

/********************************************************************
 Roundup a value to the nearest allocation roundup size boundary.
 Only do this for Windows clients.
- 
POSIX file handle on a symlink.
--
source3/smbd/nttrans.c | 6 ++++++
1 file changed, 6 insertions(+)




		return NT_STATUS_ACCESS_DENIED;
	}

	if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) {
		DEBUG(10, ("ACL get on symlink %s denied.\n",
			fsp_str_dbg(fsp)));
		return NT_STATUS_ACCESS_DENIED;
	}

	if (security_info_wanted & (SECINFO_DACL|SECINFO_OWNER|
			SECINFO_GROUP|SECINFO_SACL)) {
		/* Don't return SECINFO_LABEL if anything else was
- 
POSIX file handle on a symlink.
--
source3/smbd/nttrans.c | 6 ++++++
1 file changed, 6 insertions(+)




		return NT_STATUS_OK;
	}

	if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) {
		DEBUG(10, ("ACL set on symlink %s denied.\n",
			fsp_str_dbg(fsp)));
		return NT_STATUS_ACCESS_DENIED;
	}

	if (psd->owner_sid == NULL) {
		security_info_sent &= ~SECINFO_OWNER;
	}
- 
symlink.
--
source3/smbd/trans2.c | 6 ++++++
1 file changed, 6 insertions(+)




	uint16 num_def_acls;
	bool valid_file_acls = True;
	bool valid_def_acls = True;
	NTSTATUS status;

	if (total_data < SMB_POSIX_ACL_HEADER_SIZE) {
		return NT_STATUS_INVALID_PARAMETER;

		return NT_STATUS_INVALID_PARAMETER;
	}

	status = refuse_symlink(conn, fsp, smb_fname->base_name);
	if (!NT_STATUS_IS_OK(status)) {
		return status;
	}

	DEBUG(10,("smb_set_posix_acl: file %s num_file_acls = %u, num_def_acls = %u\n",
		smb_fname ? smb_fname_str_dbg(smb_fname) : fsp_str_dbg(fsp),
		(unsigned int)num_file_acls,
- 
symlink.
--
source3/smbd/trans2.c | 7 +++++++
1 file changed, 7 insertions(+)




				uint16 num_file_acls = 0;
				uint16 num_def_acls = 0;

				status = refuse_symlink(conn,
						fsp,
						smb_fname->base_name);
				if (!NT_STATUS_IS_OK(status)) {
					return status;
				}

				if (fsp && fsp->fh->fd != -1) {
					file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp);
				} else {
- 
removal of code duplication.
--
source3/smbd/trans2.c | 13 +++++--------
1 file changed, 5 insertions(+), 8 deletions(-)




	size_t num_names;
	ssize_t sizeret = -1;

	if (pnames) {
		*pnames = NULL;
	}
	*pnum_names = 0;

	if (!lp_ea_support(SNUM(conn))) {
		if (pnames) {
			*pnames = NULL;
		}
		*pnum_names = 0;
		return NT_STATUS_OK;
	}



	if (sizeret == 0) {
		TALLOC_FREE(names);
		if (pnames) {
			*pnames = NULL;
		}
		*pnum_names = 0;
		return NT_STATUS_OK;
	}

- 
available on a symlink.
--
source3/smbd/trans2.c | 9 +++++++++
1 file changed, 9 insertions(+)




	char **names, **tmp;
	size_t num_names;
	ssize_t sizeret = -1;
	NTSTATUS status;

	if (pnames) {
		*pnames = NULL;

		return NT_STATUS_OK;
	}

	status = refuse_symlink(conn, fsp, fname);
	if (!NT_STATUS_IS_OK(status)) {
		/*
		 * Just return no EA's on a symlink.
		 */
		return NT_STATUS_OK;
	}

	/*
	 * TALLOC the result early to get the talloc hierarchy right.
	 */
- 
--
source3/smbd/trans2.c | 7 +++++++
1 file changed, 7 insertions(+)

Lines 584-589 NTSTATUS set_ea(connection_struct conn, files_struct fsp, Link Here

(-)a/source3/smbd/trans2.c (-1 / +7 lines)
584	const struct smb_filename smb_fname, struct ea_list ea_list)	584	const struct smb_filename smb_fname, struct ea_list ea_list)
585	{	585	{
586	char *fname = NULL;	586	char *fname = NULL;
		587	NTSTATUS status;
587		588
588	if (!lp_ea_support(SNUM(conn))) {	589	if (!lp_ea_support(SNUM(conn))) {
589	return NT_STATUS_EAS_NOT_SUPPORTED;	590	return NT_STATUS_EAS_NOT_SUPPORTED;
Lines 593-598 NTSTATUS set_ea(connection_struct conn, files_struct fsp, Link Here
593	return NT_STATUS_ACCESS_DENIED;	594	return NT_STATUS_ACCESS_DENIED;
594	}	595	}
595		596
		597	status = refuse_symlink(conn, fsp, smb_fname->base_name);
		598	if (!NT_STATUS_IS_OK(status)) {
		599	return status;
		600	}
		601
		602
596	/* For now setting EAs on streams isn't supported. */	603	/* For now setting EAs on streams isn't supported. */
597	fname = smb_fname->base_name;	604	fname = smb_fname->base_name;
598		605
599	-

Return to bug 40921

Lines 1925-1930 NTSTATUS smbd_do_query_security_desc(connection_struct *conn, Link Here

(-)a/source3/smbd/nttrans.c (-2 / +6 lines)
1925	return NT_STATUS_ACCESS_DENIED;	1925	return NT_STATUS_ACCESS_DENIED;
1926	}	1926	}
1927		1927
		1928	if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) {
		1929	DEBUG(10, ("ACL get on symlink %s denied.\n",
		1930	fsp_str_dbg(fsp)));
		1931	return NT_STATUS_ACCESS_DENIED;
		1932	}
		1933
1928	if (security_info_wanted & (SECINFO_DACL\|SECINFO_OWNER\|	1934	if (security_info_wanted & (SECINFO_DACL\|SECINFO_OWNER\|
1929	SECINFO_GROUP\|SECINFO_SACL)) {	1935	SECINFO_GROUP\|SECINFO_SACL)) {
1930	/* Don't return SECINFO_LABEL if anything else was	1936	/* Don't return SECINFO_LABEL if anything else was
1931	-
1932	POSIX file handle on a symlink.	1937	POSIX file handle on a symlink.
1933	--
1934	source3/smbd/nttrans.c \| 6 ++++++	1938	source3/smbd/nttrans.c \| 6 ++++++
1935	1 file changed, 6 insertions(+)	1939	1 file changed, 6 insertions(+)

Lines 877-882 NTSTATUS set_sd(files_struct fsp, struct security_descriptor psd, Link Here

(-)a/source3/smbd/nttrans.c (-2 / +6 lines)
877	return NT_STATUS_OK;	877	return NT_STATUS_OK;
878	}	878	}
879		879
		880	if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) {
		881	DEBUG(10, ("ACL set on symlink %s denied.\n",
		882	fsp_str_dbg(fsp)));
		883	return NT_STATUS_ACCESS_DENIED;
		884	}
		885
880	if (psd->owner_sid == NULL) {	886	if (psd->owner_sid == NULL) {
881	security_info_sent &= ~SECINFO_OWNER;	887	security_info_sent &= ~SECINFO_OWNER;
882	}	888	}
883	-
884	symlink.	889	symlink.
885	--
886	source3/smbd/trans2.c \| 6 ++++++	890	source3/smbd/trans2.c \| 6 ++++++
887	1 file changed, 6 insertions(+)	891	1 file changed, 6 insertions(+)

Lines 6480-6485 static NTSTATUS smb_set_posix_acl(connection_struct *conn, Link Here

(-)a/source3/smbd/trans2.c (-2 / +6 lines)
6480	uint16 num_def_acls;	6480	uint16 num_def_acls;
6481	bool valid_file_acls = True;	6481	bool valid_file_acls = True;
6482	bool valid_def_acls = True;	6482	bool valid_def_acls = True;
		6483	NTSTATUS status;
6483		6484
6484	if (total_data < SMB_POSIX_ACL_HEADER_SIZE) {	6485	if (total_data < SMB_POSIX_ACL_HEADER_SIZE) {
6485	return NT_STATUS_INVALID_PARAMETER;	6486	return NT_STATUS_INVALID_PARAMETER;
Lines 6507-6512 static NTSTATUS smb_set_posix_acl(connection_struct *conn, Link Here
6507	return NT_STATUS_INVALID_PARAMETER;	6508	return NT_STATUS_INVALID_PARAMETER;
6508	}	6509	}
6509		6510
		6511	status = refuse_symlink(conn, fsp, smb_fname->base_name);
		6512	if (!NT_STATUS_IS_OK(status)) {
		6513	return status;
		6514	}
		6515
6510	DEBUG(10,("smb_set_posix_acl: file %s num_file_acls = %u, num_def_acls = %u\n",	6516	DEBUG(10,("smb_set_posix_acl: file %s num_file_acls = %u, num_def_acls = %u\n",
6511	smb_fname ? smb_fname_str_dbg(smb_fname) : fsp_str_dbg(fsp),	6517	smb_fname ? smb_fname_str_dbg(smb_fname) : fsp_str_dbg(fsp),
6512	(unsigned int)num_file_acls,	6518	(unsigned int)num_file_acls,
6513	-
6514	symlink.	6519	symlink.
6515	--
6516	source3/smbd/trans2.c \| 7 +++++++	6520	source3/smbd/trans2.c \| 7 +++++++
6517	1 file changed, 7 insertions(+)	6521	1 file changed, 7 insertions(+)

Lines 4959-4964 NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, Link Here

(-)a/source3/smbd/trans2.c (-2 / +7 lines)
4959	uint16 num_file_acls = 0;	4959	uint16 num_file_acls = 0;
4960	uint16 num_def_acls = 0;	4960	uint16 num_def_acls = 0;
4961		4961
		4962	status = refuse_symlink(conn,
		4963	fsp,
		4964	smb_fname->base_name);
		4965	if (!NT_STATUS_IS_OK(status)) {
		4966	return status;
		4967	}
		4968
4962	if (fsp && fsp->fh->fd != -1) {	4969	if (fsp && fsp->fh->fd != -1) {
4963	file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp);	4970	file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp);
4964	} else {	4971	} else {
4965	-
4966	removal of code duplication.	4972	removal of code duplication.
4967	--
4968	source3/smbd/trans2.c \| 13 +++++--------	4973	source3/smbd/trans2.c \| 13 +++++--------
4969	1 file changed, 5 insertions(+), 8 deletions(-)	4974	1 file changed, 5 insertions(+), 8 deletions(-)

Lines 210-220 NTSTATUS get_ea_names_from_file(TALLOC_CTX mem_ctx, connection_struct conn, Link Here

(-)a/source3/smbd/trans2.c (-10 / +5 lines)
210	size_t num_names;	210	size_t num_names;
211	ssize_t sizeret = -1;	211	ssize_t sizeret = -1;
212		212
		213	if (pnames) {
		214	*pnames = NULL;
		215	}
		216	*pnum_names = 0;
		217
213	if (!lp_ea_support(SNUM(conn))) {	218	if (!lp_ea_support(SNUM(conn))) {
214	if (pnames) {
215	*pnames = NULL;
216	}
217	*pnum_names = 0;
218	return NT_STATUS_OK;	219	return NT_STATUS_OK;
219	}	220	}
220		221
Lines 264-273 NTSTATUS get_ea_names_from_file(TALLOC_CTX mem_ctx, connection_struct conn, Link Here
264		265
265	if (sizeret == 0) {	266	if (sizeret == 0) {
266	TALLOC_FREE(names);	267	TALLOC_FREE(names);
267	if (pnames) {
268	*pnames = NULL;
269	}
270	*pnum_names = 0;
271	return NT_STATUS_OK;	268	return NT_STATUS_OK;
272	}	269	}
273		270
274	-
275	available on a symlink.	271	available on a symlink.
276	--
277	source3/smbd/trans2.c \| 9 +++++++++	272	source3/smbd/trans2.c \| 9 +++++++++
278	1 file changed, 9 insertions(+)	273	1 file changed, 9 insertions(+)

Lines 51-56 static char store_file_unix_basic_info2(connection_struct conn, Link Here

(-)a/source3/smbd/trans2.c (-2 / +28 lines)
51	files_struct *fsp,	51	files_struct *fsp,
52	const SMB_STRUCT_STAT *psbuf);	52	const SMB_STRUCT_STAT *psbuf);
53		53
		54	/****************************************************************************
		55	Check if an open file handle or pathname is a symlink.
		56	****************************************************************************/
		57
		58	static NTSTATUS refuse_symlink(connection_struct *conn,
		59	const files_struct *fsp,
		60	const char *name)
		61	{
		62	SMB_STRUCT_STAT sbuf;
		63	const SMB_STRUCT_STAT *pst = NULL;
		64
		65	if (fsp) {
		66	pst = &fsp->fsp_name->st;
		67	} else {
		68	int ret = vfs_stat_smb_fname(conn,
		69	name,
		70	&sbuf);
		71	if (ret == -1) {
		72	return map_nt_error_from_unix(errno);
		73	}
		74	pst = &sbuf;
		75	}
		76	if (S_ISLNK(pst->st_ex_mode)) {
		77	return NT_STATUS_ACCESS_DENIED;
		78	}
		79	return NT_STATUS_OK;
		80	}
		81
54	/********************************************************************	82	/********************************************************************
55	Roundup a value to the nearest allocation roundup size boundary.	83	Roundup a value to the nearest allocation roundup size boundary.
56	Only do this for Windows clients.	84	Only do this for Windows clients.
57	-
58	POSIX file handle on a symlink.	85	POSIX file handle on a symlink.
59	--
60	source3/smbd/nttrans.c \| 6 ++++++	86	source3/smbd/nttrans.c \| 6 ++++++
61	1 file changed, 6 insertions(+)	87	1 file changed, 6 insertions(+)

Lines 209-214 NTSTATUS get_ea_names_from_file(TALLOC_CTX mem_ctx, connection_struct conn, Link Here

(-)a/source3/smbd/trans2.c (-2 / +9 lines)
209	char names, tmp;	209	char names, tmp;
210	size_t num_names;	210	size_t num_names;
211	ssize_t sizeret = -1;	211	ssize_t sizeret = -1;
		212	NTSTATUS status;
212		213
213	if (pnames) {	214	if (pnames) {
214	*pnames = NULL;	215	*pnames = NULL;
Lines 219-224 NTSTATUS get_ea_names_from_file(TALLOC_CTX mem_ctx, connection_struct conn, Link Here
219	return NT_STATUS_OK;	220	return NT_STATUS_OK;
220	}	221	}
221		222
		223	status = refuse_symlink(conn, fsp, fname);
		224	if (!NT_STATUS_IS_OK(status)) {
		225	/*
		226	* Just return no EA's on a symlink.
		227	*/
		228	return NT_STATUS_OK;
		229	}
		230
222	/*	231	/*
223	* TALLOC the result early to get the talloc hierarchy right.	232	* TALLOC the result early to get the talloc hierarchy right.
224	*/	233	*/
225	-
226	--
227	source3/smbd/trans2.c \| 7 +++++++	234	source3/smbd/trans2.c \| 7 +++++++
228	1 file changed, 7 insertions(+)	235	1 file changed, 7 insertions(+)