The branch, v4-0-test has been updated
via 9bfcb9f Ensure we test the dirsort module in make test.
via 2870ba2 Remove unneeded initializations (we already talloc_zero).
via a677246 Remove the use of dirfd inside the vfs_dirsort.c.
via b8712d0 Convert mtime from a time_t to a struct timespec.
via f8da00d Check SMB_VFS_NEXT_OPENDIR return in dirsort_opendir().
via 38858df Clean error paths in opendir and fd_opendir by only setting
handle data on success.
via c0b62e9 Protect open_and_sort_dir() from the directory changing
size.
via bb3a65a Use an index i rather than re-using a state variable.
via c483976 Protect against early error in SMB_VFS_NEXT_READDIR.
via d95f2b0 Change source3/modules/vfs_dirsort.c from MALLOC -> TALLOC.
via 284f579 s3:smbd: do not access data behind req->buf+req->buflen in
srvstr_pull_req_talloc()
via c22b34a s3:smbd: convert srvstr_pull_req_talloc() into a function
via 8394dd2 s3:smbd: do not access data behind req->buf+req->buflen in
srvstr_get_path_req_wcard()
from 86dbc31 BUG 9766: Cache name_to_sid/sid_to_name correctly.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit 9bfcb9f43c36419d60368086a0f21d04cf9ecca8
Author: Jeremy Allison <j...@samba.org>
Date: Tue Apr 9 16:56:24 2013 -0700
Ensure we test the dirsort module in make test.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
Autobuild-User(master): Jeremy Allison <j...@samba.org>
Autobuild-Date(master): Thu Apr 11 21:17:21 CEST 2013 on sn-devel-104
The last 10 patches address bug #9777 - vfs_dirsort uses non-stackable
calls,
dirfd(), malloc instead of talloc and doesn't cope with directories being
modified whilst reading.
Autobuild-User(v4-0-test): Karolin Seeger <ksee...@samba.org>
Autobuild-Date(v4-0-test): Wed Apr 17 10:43:37 CEST 2013 on sn-devel-104
commit 2870ba20d69abec387cbbfe4f8c97ed3fdcdb44f
Author: Jeremy Allison <j...@samba.org>
Date: Tue Apr 9 11:02:58 2013 -0700
Remove unneeded initializations (we already talloc_zero).
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit a6772469a42db5f8a7a0bd2d4787bd4a07cfc1ef
Author: Jeremy Allison <j...@samba.org>
Date: Tue Apr 9 10:50:55 2013 -0700
Remove the use of dirfd inside the vfs_dirsort.c.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit b8712d02665163dad4b922c4966803019931aeaa
Author: Jeremy Allison <j...@samba.org>
Date: Tue Apr 9 10:43:53 2013 -0700
Convert mtime from a time_t to a struct timespec.
In preparation for removing the dirfd and using fsp_stat()
and VFS_STAT functions.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit f8da00db45e3b81d8b0a6c0c62f113c64e0e40fe
Author: Jeremy Allison <j...@samba.org>
Date: Tue Apr 9 10:38:24 2013 -0700
Check SMB_VFS_NEXT_OPENDIR return in dirsort_opendir().
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 38858df51b2c10f80a0ac539f90d3bd4dd7a4b42
Author: Jeremy Allison <j...@samba.org>
Date: Tue Apr 9 10:29:47 2013 -0700
Clean error paths in opendir and fd_opendir by only setting handle data on
success.
Pass extra struct dirsort_privates * to open_and_sort_dir() function
to avoid it having to re-read the handle data.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit c0b62e9b8c7a4b41dbc2d3600cd9cc67931165a2
Author: Jeremy Allison <j...@samba.org>
Date: Mon Apr 8 16:40:35 2013 -0700
Protect open_and_sort_dir() from the directory changing size.
Otherwise there could be an error between initial count, allocation
and re-read.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit bb3a65a572133a1a479ce8f3948d61367ed9aa31
Author: Jeremy Allison <j...@samba.org>
Date: Mon Apr 8 16:38:03 2013 -0700
Use an index i rather than re-using a state variable.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit c4839767316a9e74a26e0691873e4e84357905a2
Author: Jeremy Allison <j...@samba.org>
Date: Mon Apr 8 16:31:53 2013 -0700
Protect against early error in SMB_VFS_NEXT_READDIR.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit d95f2b085098c1d5e637beaea6eda5bcb03ac197
Author: Jeremy Allison <j...@samba.org>
Date: Mon Apr 8 15:11:28 2013 -0700
Change source3/modules/vfs_dirsort.c from MALLOC -> TALLOC.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 284f5790cec980f3d6c6cf740d28a364003e59fc
Author: Ralph Wuerthner <ralph.wuerth...@de.ibm.com>
Date: Thu Apr 4 13:29:01 2013 +0200
s3:smbd: do not access data behind req->buf+req->buflen in
srvstr_pull_req_talloc()
The last 3 patches address bug #9782 - Panic when running 'smbtorture
smb.base'.
commit c22b34a9c638ec618a1f680940c14989ba811c18
Author: Ralph Wuerthner <ralph.wuerth...@de.ibm.com>
Date: Thu Apr 4 13:24:36 2013 +0200
s3:smbd: convert srvstr_pull_req_talloc() into a function
commit 8394dd22b981bf9ad0511bb8c8bab0599073b2f5
Author: Ralph Wuerthner <ralph.wuerth...@de.ibm.com>
Date: Thu Apr 4 12:59:36 2013 +0200
s3:smbd: do not access data behind req->buf+req->buflen in
srvstr_get_path_req_wcard()
-----------------------------------------------------------------------
Summary of changes:
selftest/target/Samba3.pm | 1 +
source3/include/srvstr.h | 9 ---
source3/modules/vfs_dirsort.c | 140 +++++++++++++++++++++++++----------------
source3/smbd/proto.h | 2 +
source3/smbd/reply.c | 30 ++++++++-
5 files changed, 115 insertions(+), 67 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 70304fe..2061d97 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -937,6 +937,7 @@ sub provision($$$$$$)
path = $shrdir
comment = encrypt smb username is [%U]
smb encrypt = required
+ vfs objects = $vfs_modulesdir_abs/dirsort.so
[tmpguest]
path = $shrdir
guest ok = yes
diff --git a/source3/include/srvstr.h b/source3/include/srvstr.h
index 7e7d8a2..2c6e7ef 100644
--- a/source3/include/srvstr.h
+++ b/source3/include/srvstr.h
@@ -19,12 +19,3 @@
#define srvstr_pull_talloc(ctx, base_ptr, smb_flags2, dest, src, src_len,
flags) \
pull_string_talloc(ctx, base_ptr, smb_flags2, dest, src, src_len, flags)
-
-/* pull a string from the smb_buf part of a packet. In this case the
- string can either be null terminated or it can be terminated by the
- end of the smbbuf area
-*/
-
-#define srvstr_pull_req_talloc(ctx, req_, dest, src, flags) \
- pull_string_talloc(ctx, req_->inbuf, req_->flags2, dest, src, \
- smbreq_bufrem(req_, src), flags)
diff --git a/source3/modules/vfs_dirsort.c b/source3/modules/vfs_dirsort.c
index 98472f8..64d74d5 100644
--- a/source3/modules/vfs_dirsort.c
+++ b/source3/modules/vfs_dirsort.c
@@ -30,38 +30,60 @@ static int compare_dirent (const struct dirent *da, const
struct dirent *db)
struct dirsort_privates {
long pos;
struct dirent *directory_list;
- long number_of_entries;
- time_t mtime;
+ unsigned int number_of_entries;
+ struct timespec mtime;
DIR *source_directory;
- int fd;
+ files_struct *fsp; /* If open via FDOPENDIR. */
+ struct smb_filename *smb_fname; /* If open via OPENDIR */
};
static void free_dirsort_privates(void **datap) {
- struct dirsort_privates *data = (struct dirsort_privates *) *datap;
- SAFE_FREE(data->directory_list);
- SAFE_FREE(data);
- *datap = NULL;
+ TALLOC_FREE(*datap);
}
-static bool open_and_sort_dir (vfs_handle_struct *handle)
+static bool get_sorted_dir_mtime(vfs_handle_struct *handle,
+ struct dirsort_privates *data,
+ struct timespec *ret_mtime)
{
- struct dirent *dp;
- struct stat dir_stat;
- long current_pos;
- struct dirsort_privates *data = NULL;
+ int ret;
+ struct timespec mtime;
+
+ if (data->fsp) {
+ ret = fsp_stat(data->fsp);
+ mtime = data->fsp->fsp_name->st.st_ex_mtime;
+ } else {
+ ret = SMB_VFS_STAT(handle->conn, data->smb_fname);
+ mtime = data->smb_fname->st.st_ex_mtime;
+ }
- SMB_VFS_HANDLE_GET_DATA(handle, data, struct dirsort_privates,
- return false);
+ if (ret == -1) {
+ return false;
+ }
+
+ *ret_mtime = mtime;
+
+ return true;
+}
+
+static bool open_and_sort_dir(vfs_handle_struct *handle,
+ struct dirsort_privates *data)
+{
+ unsigned int i = 0;
+ unsigned int total_count = 0;
data->number_of_entries = 0;
- if (fstat(data->fd, &dir_stat) == 0) {
- data->mtime = dir_stat.st_mtime;
+ if (get_sorted_dir_mtime(handle, data, &data->mtime) == false) {
+ return false;
}
while (SMB_VFS_NEXT_READDIR(handle, data->source_directory, NULL)
!= NULL) {
- data->number_of_entries++;
+ total_count++;
+ }
+
+ if (total_count == 0) {
+ return false;
}
/* Open the underlying directory and count the number of entries
@@ -69,21 +91,26 @@ static bool open_and_sort_dir (vfs_handle_struct *handle)
SMB_VFS_NEXT_REWINDDIR(handle, data->source_directory);
/* Set up an array and read the directory entries into it */
- SAFE_FREE(data->directory_list); /* destroy previous cache if needed */
- data->directory_list = (struct dirent *)SMB_MALLOC(
- data->number_of_entries * sizeof(struct dirent));
+ TALLOC_FREE(data->directory_list); /* destroy previous cache if needed
*/
+ data->directory_list = talloc_zero_array(data,
+ struct dirent,
+ total_count);
if (!data->directory_list) {
return false;
}
- current_pos = data->pos;
- data->pos = 0;
- while ((dp = SMB_VFS_NEXT_READDIR(handle, data->source_directory,
- NULL)) != NULL) {
- data->directory_list[data->pos++] = *dp;
+ for (i = 0; i < total_count; i++) {
+ struct dirent *dp = SMB_VFS_NEXT_READDIR(handle,
+ data->source_directory,
+ NULL);
+ if (dp == NULL) {
+ break;
+ }
+ data->directory_list[i] = *dp;
}
+ data->number_of_entries = i;
+
/* Sort the directory entries by name */
- data->pos = current_pos;
TYPESAFE_QSORT(data->directory_list, data->number_of_entries,
compare_dirent);
return true;
}
@@ -92,33 +119,43 @@ static DIR *dirsort_opendir(vfs_handle_struct *handle,
const char *fname, const char *mask,
uint32 attr)
{
+ NTSTATUS status;
struct dirsort_privates *data = NULL;
/* set up our private data about this directory */
- data = (struct dirsort_privates *)SMB_MALLOC(
- sizeof(struct dirsort_privates));
-
+ data = talloc_zero(handle->conn, struct dirsort_privates);
if (!data) {
return NULL;
}
- data->directory_list = NULL;
- data->pos = 0;
+ status = create_synthetic_smb_fname(data,
+ fname,
+ NULL,
+ NULL,
+ &data->smb_fname);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(data);
+ return NULL;
+ }
/* Open the underlying directory and count the number of entries */
data->source_directory = SMB_VFS_NEXT_OPENDIR(handle, fname, mask,
attr);
- data->fd = dirfd(data->source_directory);
-
- SMB_VFS_HANDLE_SET_DATA(handle, data, free_dirsort_privates,
- struct dirsort_privates, return NULL);
+ if (data->source_directory == NULL) {
+ TALLOC_FREE(data);
+ return NULL;
+ }
- if (!open_and_sort_dir(handle)) {
+ if (!open_and_sort_dir(handle, data)) {
SMB_VFS_NEXT_CLOSEDIR(handle,data->source_directory);
+ TALLOC_FREE(data);
return NULL;
}
+ SMB_VFS_HANDLE_SET_DATA(handle, data, free_dirsort_privates,
+ struct dirsort_privates, return NULL);
+
return data->source_directory;
}
@@ -130,37 +167,33 @@ static DIR *dirsort_fdopendir(vfs_handle_struct *handle,
struct dirsort_privates *data = NULL;
/* set up our private data about this directory */
- data = (struct dirsort_privates *)SMB_MALLOC(
- sizeof(struct dirsort_privates));
-
+ data = talloc_zero(handle->conn, struct dirsort_privates);
if (!data) {
return NULL;
}
- data->directory_list = NULL;
- data->pos = 0;
+ data->fsp = fsp;
/* Open the underlying directory and count the number of entries */
data->source_directory = SMB_VFS_NEXT_FDOPENDIR(handle, fsp, mask,
attr);
if (data->source_directory == NULL) {
- SAFE_FREE(data);
+ TALLOC_FREE(data);
return NULL;
}
- data->fd = dirfd(data->source_directory);
-
- SMB_VFS_HANDLE_SET_DATA(handle, data, free_dirsort_privates,
- struct dirsort_privates, return NULL);
-
- if (!open_and_sort_dir(handle)) {
+ if (!open_and_sort_dir(handle, data)) {
SMB_VFS_NEXT_CLOSEDIR(handle,data->source_directory);
+ TALLOC_FREE(data);
/* fd is now closed. */
fsp->fh->fd = -1;
return NULL;
}
+ SMB_VFS_HANDLE_SET_DATA(handle, data, free_dirsort_privates,
+ struct dirsort_privates, return NULL);
+
return data->source_directory;
}
@@ -169,21 +202,18 @@ static struct dirent *dirsort_readdir(vfs_handle_struct
*handle,
SMB_STRUCT_STAT *sbuf)
{
struct dirsort_privates *data = NULL;
- time_t current_mtime;
- struct stat dir_stat;
+ struct timespec current_mtime;
SMB_VFS_HANDLE_GET_DATA(handle, data, struct dirsort_privates,
return NULL);
- if (fstat(data->fd, &dir_stat) == -1) {
+ if (get_sorted_dir_mtime(handle, data, ¤t_mtime) == false) {
return NULL;
}
- current_mtime = dir_stat.st_mtime;
-
/* throw away cache and re-read the directory if we've changed */
- if (current_mtime > data->mtime) {
- open_and_sort_dir(handle);
+ if (timespec_compare(¤t_mtime, &data->mtime) > 1) {
+ open_and_sort_dir(handle, data);
}
if (data->pos >= data->number_of_entries) {
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 35ae8a2..319e20e 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -826,6 +826,8 @@ size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx,
struct smb_request *req,
size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
char **pp_dest, const char *src, int flags,
NTSTATUS *err);
+size_t srvstr_pull_req_talloc(TALLOC_CTX *ctx, struct smb_request *req,
+ char **dest, const char *src, int flags);
bool check_fsp_open(connection_struct *conn, struct smb_request *req,
files_struct *fsp);
bool check_fsp(connection_struct *conn, struct smb_request *req,
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index d7b3199..c815a5a 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -318,9 +318,16 @@ size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx,
struct smb_request *req,
char **pp_dest, const char *src, int flags,
NTSTATUS *err, bool *contains_wcard)
{
- return srvstr_get_path_wcard(mem_ctx, (const char *)req->inbuf,
req->flags2,
- pp_dest, src, smbreq_bufrem(req, src),
- flags, err, contains_wcard);
+ ssize_t bufrem = smbreq_bufrem(req, src);
+
+ if (bufrem < 0) {
+ *err = NT_STATUS_INVALID_PARAMETER;
+ return 0;
+ }
+
+ return srvstr_get_path_wcard(mem_ctx, (const char *)req->inbuf,
+ req->flags2, pp_dest, src, bufrem, flags,
+ err, contains_wcard);
}
size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
@@ -332,6 +339,23 @@ size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct
smb_request *req,
flags, err, &ignore);
}
+/* pull a string from the smb_buf part of a packet. In this case the
+ string can either be null terminated or it can be terminated by the
+ end of the smbbuf area
+*/
+size_t srvstr_pull_req_talloc(TALLOC_CTX *ctx, struct smb_request *req,
+ char **dest, const char *src, int flags)
+{
+ ssize_t bufrem = smbreq_bufrem(req, src);
+
+ if (bufrem < 0) {
+ return 0;
+ }
+
+ return pull_string_talloc(ctx, req->inbuf, req->flags2, dest, src,
+ bufrem, flags);
+}
+
/****************************************************************************
Check if we have a correct fsp pointing to a file. Basic check for open fsp.
****************************************************************************/
--
Samba Shared Repository
