The branch, master has been updated via c98cd0f s4: torture: Test all combinations of directory open with existing directory to ensure behavior is the same. via fd90843 s4: torture: Test all combinations of directory create to ensure behavior is the same. via 820b35b s4: torture: Test all combinations of file open with existing file to ensure behavior is the same. via 22fe8dc s4: torture: Test all combinations of file create to ensure behavior is the same. via 53cdf7a s4: torture: Ensure a failed file create doesn't create the file. via 2514bee s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access. from efa66c9 libads: Fix CID 1349423 Resource leak
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit c98cd0f25edaae7558f18fd331e2fef3aabb61f2 Author: Jeremy Allison <j...@samba.org> Date: Wed Mar 28 13:19:12 2018 -0700 s4: torture: Test all combinations of directory open with existing directory to ensure behavior is the same. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <volker.lende...@sernet.de> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Mar 29 23:13:42 CEST 2018 on sn-devel-144 commit fd9084336e7e86ccec83141d880fd7c336c23b6c Author: Jeremy Allison <j...@samba.org> Date: Wed Mar 28 13:17:14 2018 -0700 s4: torture: Test all combinations of directory create to ensure behavior is the same. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <volker.lende...@sernet.de> commit 820b35bb1ceb445eb3659b67eedfb0a2f5b2f976 Author: Jeremy Allison <j...@samba.org> Date: Wed Mar 28 11:44:40 2018 -0700 s4: torture: Test all combinations of file open with existing file to ensure behavior is the same. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <volker.lende...@sernet.de> commit 22fe8dcb77565495886244e88bb0433363d1f80a Author: Jeremy Allison <j...@samba.org> Date: Wed Mar 28 11:00:59 2018 -0700 s4: torture: Test all combinations of file create to ensure behavior is the same. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <volker.lende...@sernet.de> commit 53cdf7a9a18ed547eade4c3cdd80d286058e440d Author: Jeremy Allison <j...@samba.org> Date: Wed Mar 28 10:54:30 2018 -0700 s4: torture: Ensure a failed file create doesn't create the file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <volker.lende...@sernet.de> commit 2514bee0a3b0a12430e2679ee590075c54d4803a Author: Jeremy Allison <j...@samba.org> Date: Wed Mar 28 12:42:20 2018 -0700 s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <volker.lende...@sernet.de> ----------------------------------------------------------------------- Summary of changes: source3/smbd/open.c | 12 ++ source4/torture/basic/delete.c | 257 +++++++++++++++++++++++++++++++++++++++-- 2 files changed, 258 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/open.c b/source3/smbd/open.c index be9e601..643e074 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -5120,6 +5120,18 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, goto fail; } + /* + * Files or directories can't be opened DELETE_ON_CLOSE without + * delete access. + * BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358 + */ + if (create_options & FILE_DELETE_ON_CLOSE) { + if ((access_mask & DELETE_ACCESS) == 0) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + } + if ((conn->fs_capabilities & FILE_NAMED_STREAMS) && is_ntfs_stream_smb_fname(smb_fname) && (!(private_flags & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) { diff --git a/source4/torture/basic/delete.c b/source4/torture/basic/delete.c index 54815b9..6596985 100644 --- a/source4/torture/basic/delete.c +++ b/source4/torture/basic/delete.c @@ -476,21 +476,124 @@ static bool deltest8(struct torture_context *tctx, struct smbcli_state *cli1, st static bool deltest9(struct torture_context *tctx, struct smbcli_state *cli1, struct smbcli_state *cli2) { int fnum1 = -1; + NTSTATUS status; + uint32_t disps[4] = { + NTCREATEX_DISP_SUPERSEDE, + NTCREATEX_DISP_OVERWRITE_IF, + NTCREATEX_DISP_CREATE, + NTCREATEX_DISP_OPEN_IF}; + unsigned int i; del_clean_area(cli1, cli2); - /* This should fail - we need to set DELETE_ACCESS. */ - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - SEC_FILE_READ_DATA|SEC_FILE_WRITE_DATA, - FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_NONE, - NTCREATEX_DISP_OVERWRITE_IF, - NTCREATEX_OPTIONS_DELETE_ON_CLOSE, 0); - - torture_assert(tctx, fnum1 == -1, - talloc_asprintf(tctx, "open of %s succeeded should have failed!", - fname)); + for (i = 0; i < sizeof(disps)/sizeof(disps[0]); i++) { + /* This should fail - we need to set DELETE_ACCESS. */ + + /* + * A file or directory create with DELETE_ON_CLOSE but + * without DELETE_ACCESS should fail with + * NT_STATUS_INVALID_PARAMETER. + */ + + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, + SEC_FILE_READ_DATA|SEC_FILE_WRITE_DATA, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_NONE, + disps[i], + NTCREATEX_OPTIONS_DELETE_ON_CLOSE, 0); + + torture_assert(tctx, fnum1 == -1, + talloc_asprintf(tctx, "open of %s succeeded " + "should have failed!", + fname)); + + /* Must fail with NT_STATUS_INVALID_PARAMETER. */ + status = smbcli_nt_error(cli1->tree); + torture_assert_ntstatus_equal(tctx, + status, + NT_STATUS_INVALID_PARAMETER, + talloc_asprintf(tctx, "create of %s should return " + "NT_STATUS_INVALID_PARAMETER, got %s", + fname, + smbcli_errstr(cli1->tree))); + + /* This should fail - the file should not have been created. */ + status = smbcli_getatr(cli1->tree, fname, NULL, NULL, NULL); + torture_assert_ntstatus_equal(tctx, + status, + NT_STATUS_OBJECT_NAME_NOT_FOUND, + talloc_asprintf(tctx, "getattr of %s succeeded should " + "not have been created !", + fname)); + } + + return true; +} +/* Test 9a ... */ +static bool deltest9a(struct torture_context *tctx, + struct smbcli_state *cli1, + struct smbcli_state *cli2) +{ + int fnum1 = -1; + NTSTATUS status; + uint32_t disps[4] = { + NTCREATEX_DISP_OVERWRITE_IF, + NTCREATEX_DISP_OPEN, + NTCREATEX_DISP_OVERWRITE, + NTCREATEX_DISP_OPEN_IF}; + + unsigned int i; + + del_clean_area(cli1, cli2); + + /* Create the file, and try with open calls. */ + fnum1 = smbcli_open(cli1->tree, fname, O_CREAT|O_RDWR, DENY_NONE); + torture_assert(tctx, + fnum1 != -1, + talloc_asprintf(tctx, "open of %s failed (%s)", + fname, + smbcli_errstr(cli1->tree))); + status = smbcli_close(cli1->tree, fnum1); + torture_assert_ntstatus_ok(tctx, + status, + talloc_asprintf(tctx, "close failed")); + + for (i = 0; i < sizeof(disps)/sizeof(disps[0]); i++) { + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, + SEC_FILE_READ_DATA|SEC_FILE_WRITE_DATA, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_NONE, + disps[i], + NTCREATEX_OPTIONS_DELETE_ON_CLOSE, 0); + + torture_assert(tctx, fnum1 == -1, + talloc_asprintf(tctx, "open of %s succeeded " + "should have failed!", + fname)); + + /* Must fail with NT_STATUS_INVALID_PARAMETER. */ + status = smbcli_nt_error(cli1->tree); + torture_assert_ntstatus_equal(tctx, + status, + NT_STATUS_INVALID_PARAMETER, + talloc_asprintf(tctx, "create of %s should return " + "NT_STATUS_INVALID_PARAMETER, got %s", + fname, + smbcli_errstr(cli1->tree))); + + /* + * This should succeed - the file should not have been deleted. + */ + status = smbcli_getatr(cli1->tree, fname, NULL, NULL, NULL); + torture_assert_ntstatus_ok(tctx, + status, + talloc_asprintf(tctx, "getattr of %s failed %s", + fname, + smbcli_errstr(cli1->tree))); + } + + del_clean_area(cli1, cli2); return true; } @@ -2252,6 +2355,135 @@ static bool deltest24(struct torture_context *tctx) return correct; } +/* Test 25 ... */ +static bool deltest25(struct torture_context *tctx, + struct smbcli_state *cli1, + struct smbcli_state *cli2) +{ + int fnum1 = -1; + NTSTATUS status; + uint32_t disps[4] = { + NTCREATEX_DISP_SUPERSEDE, + NTCREATEX_DISP_OVERWRITE_IF, + NTCREATEX_DISP_CREATE, + NTCREATEX_DISP_OPEN_IF}; + unsigned int i; + + del_clean_area(cli1, cli2); + + for (i = 0; i < sizeof(disps)/sizeof(disps[0]); i++) { + /* This should fail - we need to set DELETE_ACCESS. */ + + /* + * A file or directory create with DELETE_ON_CLOSE but + * without DELETE_ACCESS should fail with + * NT_STATUS_INVALID_PARAMETER. + */ + + fnum1 = smbcli_nt_create_full(cli1->tree, dname, 0, + SEC_FILE_READ_DATA, + FILE_ATTRIBUTE_DIRECTORY, + NTCREATEX_SHARE_ACCESS_NONE, + disps[i], + NTCREATEX_OPTIONS_DIRECTORY| + NTCREATEX_OPTIONS_DELETE_ON_CLOSE, 0); + + torture_assert(tctx, fnum1 == -1, + talloc_asprintf(tctx, "open of %s succeeded " + "should have failed!", + dname)); + + /* Must fail with NT_STATUS_INVALID_PARAMETER. */ + status = smbcli_nt_error(cli1->tree); + torture_assert_ntstatus_equal(tctx, + status, + NT_STATUS_INVALID_PARAMETER, + talloc_asprintf(tctx, "create of %s should return " + "NT_STATUS_INVALID_PARAMETER, got %s", + dname, + smbcli_errstr(cli1->tree))); + + /* + * This should fail - the directory + * should not have been created. + */ + status = smbcli_getatr(cli1->tree, dname, NULL, NULL, NULL); + torture_assert_ntstatus_equal(tctx, + status, + NT_STATUS_OBJECT_NAME_NOT_FOUND, + talloc_asprintf(tctx, "getattr of %s succeeded should " + "not have been created !", + dname)); + } + + return true; +} + +/* Test 25a... */ +static bool deltest25a(struct torture_context *tctx, + struct smbcli_state *cli1, + struct smbcli_state *cli2) +{ + int fnum1 = -1; + NTSTATUS status; + uint32_t disps[4] = { + NTCREATEX_DISP_OVERWRITE_IF, + NTCREATEX_DISP_OPEN, + NTCREATEX_DISP_OVERWRITE, + NTCREATEX_DISP_OPEN_IF}; + + unsigned int i; + + del_clean_area(cli1, cli2); + + /* Create the directory, and try with open calls. */ + status = smbcli_mkdir(cli1->tree, dname); + torture_assert_ntstatus_ok(tctx, + status, + talloc_asprintf(tctx, "mkdir of %s failed %s", + dname, + smbcli_errstr(cli1->tree))); + + for (i = 0; i < sizeof(disps)/sizeof(disps[0]); i++) { + fnum1 = smbcli_nt_create_full(cli1->tree, dname, 0, + SEC_FILE_READ_DATA, + FILE_ATTRIBUTE_DIRECTORY, + NTCREATEX_SHARE_ACCESS_NONE, + disps[i], + NTCREATEX_OPTIONS_DIRECTORY| + NTCREATEX_OPTIONS_DELETE_ON_CLOSE, 0); + + torture_assert(tctx, fnum1 == -1, + talloc_asprintf(tctx, "open of %s succeeded " + "should have failed!", + dname)); + + /* Must fail with NT_STATUS_INVALID_PARAMETER. */ + status = smbcli_nt_error(cli1->tree); + torture_assert_ntstatus_equal(tctx, + status, + NT_STATUS_INVALID_PARAMETER, + talloc_asprintf(tctx, "create of %s should return " + "NT_STATUS_INVALID_PARAMETER, got %s", + dname, + smbcli_errstr(cli1->tree))); + + /* + * This should succeed - the directory + * should not have been deleted. + */ + status = smbcli_getatr(cli1->tree, dname, NULL, NULL, NULL); + torture_assert_ntstatus_ok(tctx, + status, + talloc_asprintf(tctx, "getattr of %s failed %s", + fname, + smbcli_errstr(cli1->tree))); + } + + del_clean_area(cli1, cli2); + return true; +} + /* Test delete on close semantics. */ @@ -2269,6 +2501,7 @@ struct torture_suite *torture_test_delete(TALLOC_CTX *ctx) torture_suite_add_2smb_test(suite, "deltest7", deltest7); torture_suite_add_2smb_test(suite, "deltest8", deltest8); torture_suite_add_2smb_test(suite, "deltest9", deltest9); + torture_suite_add_2smb_test(suite, "deltest9a", deltest9a); torture_suite_add_2smb_test(suite, "deltest10", deltest10); torture_suite_add_2smb_test(suite, "deltest11", deltest11); torture_suite_add_2smb_test(suite, "deltest12", deltest12); @@ -2293,6 +2526,8 @@ struct torture_suite *torture_test_delete(TALLOC_CTX *ctx) torture_suite_add_simple_test(suite, "deltest22", deltest22); torture_suite_add_2smb_test(suite, "deltest23", deltest23); torture_suite_add_simple_test(suite, "deltest24", deltest24); + torture_suite_add_2smb_test(suite, "deltest25", deltest25); + torture_suite_add_2smb_test(suite, "deltest25a", deltest25a); return suite; } -- Samba Shared Repository