The branch, master has been updated
via bbdcd66c048 s3: smbd: dirfsp is being used uninitialized inside
rmdir_internals().
from a8a0667263d s3:librpc: Improve calling of krb5_kt_end_seq_get()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit bbdcd66c048fee39629aeff450b50d049806e2f7
Author: Jeremy Allison <j...@samba.org>
Date: Tue Nov 2 10:44:44 2021 -0700
s3: smbd: dirfsp is being used uninitialized inside rmdir_internals().
Not caught be the tests in bugs 14878, 14879 as can_delete_directory_fsp()
doesn't have the same bug.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14892
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
Autobuild-User(master): Ralph Böhme <s...@samba.org>
Autobuild-Date(master): Wed Nov 3 14:33:49 UTC 2021 on sn-devel-184
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/close.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index eae276b2e9c..ad10215a4fa 100644
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -1052,6 +1052,8 @@ static NTSTATUS rmdir_internals(TALLOC_CTX *ctx, struct
files_struct *fsp)
goto err;
}
+ dirfsp = dir_hnd_fetch_fsp(dir_hnd);
+
while ((dname = ReadDirName(dir_hnd, &dirpos, &st, &talloced)) != NULL)
{
struct smb_filename *smb_dname_full = NULL;
struct smb_filename *direntry_fname = NULL;
@@ -1200,7 +1202,6 @@ static NTSTATUS rmdir_internals(TALLOC_CTX *ctx, struct
files_struct *fsp)
/* Do a recursive delete. */
RewindDir(dir_hnd,&dirpos);
- dirfsp = dir_hnd_fetch_fsp(dir_hnd);
while ((dname = ReadDirName(dir_hnd, &dirpos, &st, &talloced)) != NULL)
{
struct smb_filename *direntry_fname = NULL;
--
Samba Shared Repository
