The branch, v4-0-test has been updated via 9bfcb9f Ensure we test the dirsort module in make test. via 2870ba2 Remove unneeded initializations (we already talloc_zero). via a677246 Remove the use of dirfd inside the vfs_dirsort.c. via b8712d0 Convert mtime from a time_t to a struct timespec. via f8da00d Check SMB_VFS_NEXT_OPENDIR return in dirsort_opendir(). via 38858df Clean error paths in opendir and fd_opendir by only setting handle data on success. via c0b62e9 Protect open_and_sort_dir() from the directory changing size. via bb3a65a Use an index i rather than re-using a state variable. via c483976 Protect against early error in SMB_VFS_NEXT_READDIR. via d95f2b0 Change source3/modules/vfs_dirsort.c from MALLOC -> TALLOC. via 284f579 s3:smbd: do not access data behind req->buf+req->buflen in srvstr_pull_req_talloc() via c22b34a s3:smbd: convert srvstr_pull_req_talloc() into a function via 8394dd2 s3:smbd: do not access data behind req->buf+req->buflen in srvstr_get_path_req_wcard() from 86dbc31 BUG 9766: Cache name_to_sid/sid_to_name correctly.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log ----------------------------------------------------------------- commit 9bfcb9f43c36419d60368086a0f21d04cf9ecca8 Author: Jeremy Allison <j...@samba.org> Date: Tue Apr 9 16:56:24 2013 -0700 Ensure we test the dirsort module in make test. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Apr 11 21:17:21 CEST 2013 on sn-devel-104 The last 10 patches address bug #9777 - vfs_dirsort uses non-stackable calls, dirfd(), malloc instead of talloc and doesn't cope with directories being modified whilst reading. Autobuild-User(v4-0-test): Karolin Seeger <ksee...@samba.org> Autobuild-Date(v4-0-test): Wed Apr 17 10:43:37 CEST 2013 on sn-devel-104 commit 2870ba20d69abec387cbbfe4f8c97ed3fdcdb44f Author: Jeremy Allison <j...@samba.org> Date: Tue Apr 9 11:02:58 2013 -0700 Remove unneeded initializations (we already talloc_zero). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit a6772469a42db5f8a7a0bd2d4787bd4a07cfc1ef Author: Jeremy Allison <j...@samba.org> Date: Tue Apr 9 10:50:55 2013 -0700 Remove the use of dirfd inside the vfs_dirsort.c. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit b8712d02665163dad4b922c4966803019931aeaa Author: Jeremy Allison <j...@samba.org> Date: Tue Apr 9 10:43:53 2013 -0700 Convert mtime from a time_t to a struct timespec. In preparation for removing the dirfd and using fsp_stat() and VFS_STAT functions. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit f8da00db45e3b81d8b0a6c0c62f113c64e0e40fe Author: Jeremy Allison <j...@samba.org> Date: Tue Apr 9 10:38:24 2013 -0700 Check SMB_VFS_NEXT_OPENDIR return in dirsort_opendir(). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 38858df51b2c10f80a0ac539f90d3bd4dd7a4b42 Author: Jeremy Allison <j...@samba.org> Date: Tue Apr 9 10:29:47 2013 -0700 Clean error paths in opendir and fd_opendir by only setting handle data on success. Pass extra struct dirsort_privates * to open_and_sort_dir() function to avoid it having to re-read the handle data. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit c0b62e9b8c7a4b41dbc2d3600cd9cc67931165a2 Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 8 16:40:35 2013 -0700 Protect open_and_sort_dir() from the directory changing size. Otherwise there could be an error between initial count, allocation and re-read. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit bb3a65a572133a1a479ce8f3948d61367ed9aa31 Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 8 16:38:03 2013 -0700 Use an index i rather than re-using a state variable. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit c4839767316a9e74a26e0691873e4e84357905a2 Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 8 16:31:53 2013 -0700 Protect against early error in SMB_VFS_NEXT_READDIR. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit d95f2b085098c1d5e637beaea6eda5bcb03ac197 Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 8 15:11:28 2013 -0700 Change source3/modules/vfs_dirsort.c from MALLOC -> TALLOC. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 284f5790cec980f3d6c6cf740d28a364003e59fc Author: Ralph Wuerthner <ralph.wuerth...@de.ibm.com> Date: Thu Apr 4 13:29:01 2013 +0200 s3:smbd: do not access data behind req->buf+req->buflen in srvstr_pull_req_talloc() The last 3 patches address bug #9782 - Panic when running 'smbtorture smb.base'. commit c22b34a9c638ec618a1f680940c14989ba811c18 Author: Ralph Wuerthner <ralph.wuerth...@de.ibm.com> Date: Thu Apr 4 13:24:36 2013 +0200 s3:smbd: convert srvstr_pull_req_talloc() into a function commit 8394dd22b981bf9ad0511bb8c8bab0599073b2f5 Author: Ralph Wuerthner <ralph.wuerth...@de.ibm.com> Date: Thu Apr 4 12:59:36 2013 +0200 s3:smbd: do not access data behind req->buf+req->buflen in srvstr_get_path_req_wcard() ----------------------------------------------------------------------- Summary of changes: selftest/target/Samba3.pm | 1 + source3/include/srvstr.h | 9 --- source3/modules/vfs_dirsort.c | 140 +++++++++++++++++++++++++---------------- source3/smbd/proto.h | 2 + source3/smbd/reply.c | 30 ++++++++- 5 files changed, 115 insertions(+), 67 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 70304fe..2061d97 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -937,6 +937,7 @@ sub provision($$$$$$) path = $shrdir comment = encrypt smb username is [%U] smb encrypt = required + vfs objects = $vfs_modulesdir_abs/dirsort.so [tmpguest] path = $shrdir guest ok = yes diff --git a/source3/include/srvstr.h b/source3/include/srvstr.h index 7e7d8a2..2c6e7ef 100644 --- a/source3/include/srvstr.h +++ b/source3/include/srvstr.h @@ -19,12 +19,3 @@ #define srvstr_pull_talloc(ctx, base_ptr, smb_flags2, dest, src, src_len, flags) \ pull_string_talloc(ctx, base_ptr, smb_flags2, dest, src, src_len, flags) - -/* pull a string from the smb_buf part of a packet. In this case the - string can either be null terminated or it can be terminated by the - end of the smbbuf area -*/ - -#define srvstr_pull_req_talloc(ctx, req_, dest, src, flags) \ - pull_string_talloc(ctx, req_->inbuf, req_->flags2, dest, src, \ - smbreq_bufrem(req_, src), flags) diff --git a/source3/modules/vfs_dirsort.c b/source3/modules/vfs_dirsort.c index 98472f8..64d74d5 100644 --- a/source3/modules/vfs_dirsort.c +++ b/source3/modules/vfs_dirsort.c @@ -30,38 +30,60 @@ static int compare_dirent (const struct dirent *da, const struct dirent *db) struct dirsort_privates { long pos; struct dirent *directory_list; - long number_of_entries; - time_t mtime; + unsigned int number_of_entries; + struct timespec mtime; DIR *source_directory; - int fd; + files_struct *fsp; /* If open via FDOPENDIR. */ + struct smb_filename *smb_fname; /* If open via OPENDIR */ }; static void free_dirsort_privates(void **datap) { - struct dirsort_privates *data = (struct dirsort_privates *) *datap; - SAFE_FREE(data->directory_list); - SAFE_FREE(data); - *datap = NULL; + TALLOC_FREE(*datap); } -static bool open_and_sort_dir (vfs_handle_struct *handle) +static bool get_sorted_dir_mtime(vfs_handle_struct *handle, + struct dirsort_privates *data, + struct timespec *ret_mtime) { - struct dirent *dp; - struct stat dir_stat; - long current_pos; - struct dirsort_privates *data = NULL; + int ret; + struct timespec mtime; + + if (data->fsp) { + ret = fsp_stat(data->fsp); + mtime = data->fsp->fsp_name->st.st_ex_mtime; + } else { + ret = SMB_VFS_STAT(handle->conn, data->smb_fname); + mtime = data->smb_fname->st.st_ex_mtime; + } - SMB_VFS_HANDLE_GET_DATA(handle, data, struct dirsort_privates, - return false); + if (ret == -1) { + return false; + } + + *ret_mtime = mtime; + + return true; +} + +static bool open_and_sort_dir(vfs_handle_struct *handle, + struct dirsort_privates *data) +{ + unsigned int i = 0; + unsigned int total_count = 0; data->number_of_entries = 0; - if (fstat(data->fd, &dir_stat) == 0) { - data->mtime = dir_stat.st_mtime; + if (get_sorted_dir_mtime(handle, data, &data->mtime) == false) { + return false; } while (SMB_VFS_NEXT_READDIR(handle, data->source_directory, NULL) != NULL) { - data->number_of_entries++; + total_count++; + } + + if (total_count == 0) { + return false; } /* Open the underlying directory and count the number of entries @@ -69,21 +91,26 @@ static bool open_and_sort_dir (vfs_handle_struct *handle) SMB_VFS_NEXT_REWINDDIR(handle, data->source_directory); /* Set up an array and read the directory entries into it */ - SAFE_FREE(data->directory_list); /* destroy previous cache if needed */ - data->directory_list = (struct dirent *)SMB_MALLOC( - data->number_of_entries * sizeof(struct dirent)); + TALLOC_FREE(data->directory_list); /* destroy previous cache if needed */ + data->directory_list = talloc_zero_array(data, + struct dirent, + total_count); if (!data->directory_list) { return false; } - current_pos = data->pos; - data->pos = 0; - while ((dp = SMB_VFS_NEXT_READDIR(handle, data->source_directory, - NULL)) != NULL) { - data->directory_list[data->pos++] = *dp; + for (i = 0; i < total_count; i++) { + struct dirent *dp = SMB_VFS_NEXT_READDIR(handle, + data->source_directory, + NULL); + if (dp == NULL) { + break; + } + data->directory_list[i] = *dp; } + data->number_of_entries = i; + /* Sort the directory entries by name */ - data->pos = current_pos; TYPESAFE_QSORT(data->directory_list, data->number_of_entries, compare_dirent); return true; } @@ -92,33 +119,43 @@ static DIR *dirsort_opendir(vfs_handle_struct *handle, const char *fname, const char *mask, uint32 attr) { + NTSTATUS status; struct dirsort_privates *data = NULL; /* set up our private data about this directory */ - data = (struct dirsort_privates *)SMB_MALLOC( - sizeof(struct dirsort_privates)); - + data = talloc_zero(handle->conn, struct dirsort_privates); if (!data) { return NULL; } - data->directory_list = NULL; - data->pos = 0; + status = create_synthetic_smb_fname(data, + fname, + NULL, + NULL, + &data->smb_fname); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(data); + return NULL; + } /* Open the underlying directory and count the number of entries */ data->source_directory = SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr); - data->fd = dirfd(data->source_directory); - - SMB_VFS_HANDLE_SET_DATA(handle, data, free_dirsort_privates, - struct dirsort_privates, return NULL); + if (data->source_directory == NULL) { + TALLOC_FREE(data); + return NULL; + } - if (!open_and_sort_dir(handle)) { + if (!open_and_sort_dir(handle, data)) { SMB_VFS_NEXT_CLOSEDIR(handle,data->source_directory); + TALLOC_FREE(data); return NULL; } + SMB_VFS_HANDLE_SET_DATA(handle, data, free_dirsort_privates, + struct dirsort_privates, return NULL); + return data->source_directory; } @@ -130,37 +167,33 @@ static DIR *dirsort_fdopendir(vfs_handle_struct *handle, struct dirsort_privates *data = NULL; /* set up our private data about this directory */ - data = (struct dirsort_privates *)SMB_MALLOC( - sizeof(struct dirsort_privates)); - + data = talloc_zero(handle->conn, struct dirsort_privates); if (!data) { return NULL; } - data->directory_list = NULL; - data->pos = 0; + data->fsp = fsp; /* Open the underlying directory and count the number of entries */ data->source_directory = SMB_VFS_NEXT_FDOPENDIR(handle, fsp, mask, attr); if (data->source_directory == NULL) { - SAFE_FREE(data); + TALLOC_FREE(data); return NULL; } - data->fd = dirfd(data->source_directory); - - SMB_VFS_HANDLE_SET_DATA(handle, data, free_dirsort_privates, - struct dirsort_privates, return NULL); - - if (!open_and_sort_dir(handle)) { + if (!open_and_sort_dir(handle, data)) { SMB_VFS_NEXT_CLOSEDIR(handle,data->source_directory); + TALLOC_FREE(data); /* fd is now closed. */ fsp->fh->fd = -1; return NULL; } + SMB_VFS_HANDLE_SET_DATA(handle, data, free_dirsort_privates, + struct dirsort_privates, return NULL); + return data->source_directory; } @@ -169,21 +202,18 @@ static struct dirent *dirsort_readdir(vfs_handle_struct *handle, SMB_STRUCT_STAT *sbuf) { struct dirsort_privates *data = NULL; - time_t current_mtime; - struct stat dir_stat; + struct timespec current_mtime; SMB_VFS_HANDLE_GET_DATA(handle, data, struct dirsort_privates, return NULL); - if (fstat(data->fd, &dir_stat) == -1) { + if (get_sorted_dir_mtime(handle, data, ¤t_mtime) == false) { return NULL; } - current_mtime = dir_stat.st_mtime; - /* throw away cache and re-read the directory if we've changed */ - if (current_mtime > data->mtime) { - open_and_sort_dir(handle); + if (timespec_compare(¤t_mtime, &data->mtime) > 1) { + open_and_sort_dir(handle, data); } if (data->pos >= data->number_of_entries) { diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h index 35ae8a2..319e20e 100644 --- a/source3/smbd/proto.h +++ b/source3/smbd/proto.h @@ -826,6 +826,8 @@ size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req, size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req, char **pp_dest, const char *src, int flags, NTSTATUS *err); +size_t srvstr_pull_req_talloc(TALLOC_CTX *ctx, struct smb_request *req, + char **dest, const char *src, int flags); bool check_fsp_open(connection_struct *conn, struct smb_request *req, files_struct *fsp); bool check_fsp(connection_struct *conn, struct smb_request *req, diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d7b3199..c815a5a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -318,9 +318,16 @@ size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req, char **pp_dest, const char *src, int flags, NTSTATUS *err, bool *contains_wcard) { - return srvstr_get_path_wcard(mem_ctx, (const char *)req->inbuf, req->flags2, - pp_dest, src, smbreq_bufrem(req, src), - flags, err, contains_wcard); + ssize_t bufrem = smbreq_bufrem(req, src); + + if (bufrem < 0) { + *err = NT_STATUS_INVALID_PARAMETER; + return 0; + } + + return srvstr_get_path_wcard(mem_ctx, (const char *)req->inbuf, + req->flags2, pp_dest, src, bufrem, flags, + err, contains_wcard); } size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req, @@ -332,6 +339,23 @@ size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req, flags, err, &ignore); } +/* pull a string from the smb_buf part of a packet. In this case the + string can either be null terminated or it can be terminated by the + end of the smbbuf area +*/ +size_t srvstr_pull_req_talloc(TALLOC_CTX *ctx, struct smb_request *req, + char **dest, const char *src, int flags) +{ + ssize_t bufrem = smbreq_bufrem(req, src); + + if (bufrem < 0) { + return 0; + } + + return pull_string_talloc(ctx, req->inbuf, req->flags2, dest, src, + bufrem, flags); +} + /**************************************************************************** Check if we have a correct fsp pointing to a file. Basic check for open fsp. ****************************************************************************/ -- Samba Shared Repository