The branch, master has been updated via f9d4158 tests/fake_snap: sanitize paths via 7b58c8f s3/mdssvc: missing assignment in sl_pack_float from dd3e06f HEIMDAL: don't bother seeing q if not sent
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit f9d4158f0b002b482df0a919d4cb337cce81f9f8 Author: David Disseldorp via samba-technical <samba-techni...@lists.samba.org> Date: Sat Aug 26 23:40:37 2017 +0200 tests/fake_snap: sanitize paths Ensure fake_snap.pl can be run in taint mode (-T), by sanitizing paths and the PATH env. This fixes the following samba3.rpc.fsrvp selftest failures: Insecure dependency in mkdir while running setgid at (eval 2) line 4. snap create failed: NT_STATUS_UNSUCCESSFUL snap create failed for shadow copy of /home/ddiss/isms/samba/st/nt4_dc/share Bug: https://bugzilla.samba.org/show_bug.cgi?id=12988 Signed-off-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Aug 29 04:54:51 CEST 2017 on sn-devel-144 commit 7b58c8f54499f01778bcbfc2ad21521ceed2dd57 Author: Ralph Boehme <s...@samba.org> Date: Sun Aug 27 19:22:38 2017 +0200 s3/mdssvc: missing assignment in sl_pack_float Spotted by -Werror=maybe-uninitialized: ../source3/rpc_server/mdssvc/marshalling.c: In function ‘sl_pack_float’: ../source3/rpc_server/mdssvc/marshalling.c:171:11: error: ‘ieee_fp_union.w’ may be used uninitialized in this function [-Werror=maybe-uninitialized] offset = sl_push_uint64_val(buf, offset, bufsize, ieee_fp_union.w); Bug: https://bugzilla.samba.org/show_bug.cgi?id=12991 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> ----------------------------------------------------------------------- Summary of changes: source3/rpc_server/mdssvc/marshalling.c | 2 ++ source3/script/tests/fake_snap.pl | 19 ++++++++++++++++--- 2 files changed, 18 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/mdssvc/marshalling.c b/source3/rpc_server/mdssvc/marshalling.c index 0a02f41..976702c 100644 
--- a/source3/rpc_server/mdssvc/marshalling.c +++ b/source3/rpc_server/mdssvc/marshalling.c @@ -164,6 +164,8 @@ static ssize_t sl_pack_float(double d, char *buf, ssize_t offset, size_t bufsize uint64_t w; } ieee_fp_union; + ieee_fp_union.d = d; + offset = sl_push_uint64_val(buf, offset, bufsize, sl_pack_tag(SQ_TYPE_FLOAT, 2, 1)); if (offset == -1) { return -1; diff --git a/source3/script/tests/fake_snap.pl b/source3/script/tests/fake_snap.pl index d1233f3..18bbcb7 100755 --- a/source3/script/tests/fake_snap.pl +++ b/source3/script/tests/fake_snap.pl @@ -5,14 +5,25 @@ use strict; use File::Path qw(rmtree); use POSIX (); +sub _untaint_path +{ + my ($path) = @_; + + if ($path =~ /^(.*)$/) { + return $1; + } + die "bad path"; +} + sub _create_snapshot { - my ($base_path) = @_; + my ($base_path) = _untaint_path(shift); my $time_str = POSIX::strftime("%Y.%m.%d-%H.%M.%S" , localtime()); my $snap_path = $base_path . "/.snapshots/\@GMT-" . $time_str; my $ret; - POSIX::mkdir($base_path . "/.snapshots", 0777); + $ENV{'PATH'} = '/bin:/usr/bin'; # untaint PATH + POSIX::mkdir($base_path . "/.snapshots", 0755); # add trailing slash to src path to ensure that only contents is copied $ret = system("rsync", "-a", "--exclude=.snapshots/", "${base_path}/", @@ -28,7 +39,8 @@ sub _create_snapshot sub _delete_snapshot { - my ($base_path, $snap_path) = @_; + my $base_path = _untaint_path(shift); + my $snap_path = _untaint_path(shift); # we're doing a recursive delete, so do some sanity checks if ((index($snap_path, $base_path) != 0) || (index($snap_path, ".snapshots") == -1)) { @@ -36,6 +48,7 @@ sub _delete_snapshot return -1; } + $ENV{'PATH'} = '/bin:/usr/bin'; # untaint PATH rmtree($snap_path, {error => \my $err}); if (@$err) { for my $diag (@$err) { -- Samba Shared Repository
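Review bot: In `_untaint_path` the pattern `/^(.*)$/` matches almost any string, so the capture clears the taint flag without checking the path, and `die "bad path"` is reached only for input containing an interior newline. An anchored allow-list would make the helper a real check, for example `if ($path =~ m{\A(/[\w.\@/-]+)\z}) {`, with the character class adjusted to what the selftest share paths actually contain. The same helper feeds `rmtree` in `_delete_snapshot` (hunk `@@ -28,7 +39,8 @@`), which is where the pass-through matters most. If the blanket match is intentional for this test script, a comment such as `# test-only: clears taint, performs no validation` would at least record that.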
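Review bot: With taint cleared on both arguments, the `index()` test is the only guard in front of the recursive delete in `_delete_snapshot`, and it is a plain string-prefix comparison. A `$snap_path` containing `..` components, or one under a sibling directory whose name merely starts with `$base_path`, still passes it. Consider canonicalising both paths first (for instance with `Cwd::abs_path`) and requiring `$base_path . "/.snapshots/"` as the prefix. The function body continues past the end of this hunk, so this is based on the visible lines only.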
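Review bot: The `$ENV{'PATH'} = '/bin:/usr/bin';` assignment is repeated here and in `_create_snapshot` (hunk `@@ -5,14 +5,25 @@`), and PATH is not the only variable Perl's taint checks inspect. perlsec recommends also clearing the shell-related variables, `delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};`, otherwise the `system("rsync", ...)` call can still die with an "Insecure $ENV{...}" error when one of them is set in the caller's environment. Doing both once near the top of the script, with a comment that rsync is expected in `/bin` or `/usr/bin`, would remove the duplication. The rest of `_delete_snapshot` lies outside this hunk.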