[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 0c7b69b selftest: Use 'logging' parameter instead of 'syslog'
via 3fb40b4 s4-process_model: Panic if the standard init function fails
via f751828 s4-process_model: Do not close random fds while forking.
from 14b6e0a s4:kdc/db-glue: samba_kdc_trust_message2entry() should use the normalized principal as salt

https://git.samba.org/?p=samba.git;a=shortlog;h=master

- Log -
commit 0c7b69b10b0e8b8bd580e835466411ec83daf98c
Author: Christof Schmitt
Date: Mon Mar 23 16:16:36 2015 -0700

selftest: Use 'logging' parameter instead of 'syslog'

'syslog' has been deprecated, so use the new 'logging' parameter instead.

Signed-off-by: Christof Schmitt
Reviewed-by: Andreas Schneider
Reviewed-by: Michael Adam
Autobuild-User(master): Michael Adam
Autobuild-Date(master): Fri Mar 27 06:38:32 CET 2015 on sn-devel-104

commit 3fb40b4bec0ca8e035e0e2e9e7b435ebfcedf3eb
Author: Andreas Schneider
Date: Thu Mar 26 10:58:18 2015 +0100

s4-process_model: Panic if the standard init function fails

Pair-Programmed-With: Michael Adam
Signed-off-by: Andreas Schneider
Signed-off-by: Michael Adam
Reviewed-by: Stefan Metzmacher

commit f75182841d4a7d63bd070022270926e324631fa9
Author: Andreas Schneider
Date: Thu Mar 26 10:48:31 2015 +0100

s4-process_model: Do not close random fds while forking.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11180

The issue has been found with nss_wrapper debug output running: samba4.ntvfs.cifs.krb5.base.lock

In the case here, we fork a child and close the fd without resetting the pipe fd variable. Then the fd was used to open the nss_wrapper hosts file which got the same fd. We forked again in the process model called close() on the re-used fd (of the pipe variable) again without nss_wrapper noticing. Now Samba opened the secrets tdb and got the same fd as nss_wrapper was using for the hosts file and next nss_wrapper tried to parse a TDB ...

Pair-Programmed-With: Michael Adam
Signed-off-by: Andreas Schneider
Signed-off-by: Michael Adam Reviewed-by: Stefan Metzmacher --- Summary of changes: selftest/target/Samba3.pm | 2 +- selftest/target/Samba4.pm | 2 +- source4/smbd/process_standard.c | 19 +++ 3 files changed, 17 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 097d90a..3f2d247 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -1154,7 +1154,7 @@ sub provision() kernel change notify = no smb2 leases = yes - syslog = no + logging = file printing = bsd printcap name = /dev/null diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index 40e13fc..9d765c4 100755 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -1689,7 +1689,7 @@ sub provision_ad_dc($$) kernel oplocks = no kernel change notify = no - syslog = no + logging = file printing = bsd printcap name = /dev/null diff --git a/source4/smbd/process_standard.c b/source4/smbd/process_standard.c index d3622f9..e2b9f13 100644 --- a/source4/smbd/process_standard.c +++ b/source4/smbd/process_standard.c @@ -42,14 +42,19 @@ NTSTATUS process_model_standard_init(void); /* we hold a pipe open in the parent, and the any child processes wait for EOF on that pipe. This ensures that children die when the parent dies */ -static int child_pipe[2]; +static int child_pipe[2] = { -1, -1 }; /* called when the process model is selected */ static void standard_model_init(void) { - pipe(child_pipe); + int rc; + + rc = pipe(child_pipe); + if (rc < 0) { + smb_panic("Failed to initialze pipe!"); + } } /* @@ -266,7 +271,10 @@ static void standard_accept_connection(struct tevent_context *ev, tevent_add_fd(ev, ev, child_pipe[0], TEVENT_FD_READ, standard_pipe_handler, NULL); - close(child_pipe[1]); + if (child_pipe[1] != -1) { + close(child_pipe[1]); + child_pipe[1] = -1; + } /* Ensure that the forked children do not expose identical random streams */ set_need_random_reseed(); 
@@ -342,7 +350,10 @@ static void standard_new_task(struct tevent_context *ev, tevent_add_fd(ev, ev, child_pipe[0], TEVENT_FD_READ, standard_pipe_handler, NULL); - close(child_pipe[1]); + if (child_pipe[1] != -1) { + close(child_pipe[1]); + child_pipe[1] = -1; + } /* Ensure that the forked children do not expose iden
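Review bot: The panic string added in standard_model_init() misspells "initialize" ("Failed to initialze pipe!") and discards the reason pipe() failed. Fix the spelling and log strerror(errno) through DEBUG() before calling smb_panic(), so that descriptor exhaustion at startup can be told apart from other failures.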
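Review bot: The guarded close of child_pipe[1] is added as the same four lines in both standard_accept_connection() and standard_new_task(); put the check, the close() and the reset to -1 into one static helper and call it from both places, so a later edit to one copy cannot bring back the stale-descriptor close. In both hunks child_pipe[0] is still handed to tevent_add_fd() with no matching validity check.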
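The descriptor reuse described in the f751828 commit message, reduced to a single process. This is an added example, not code from the Samba tree: /dev/null stands in for the nss_wrapper hosts file, and all function names are hypothetical.

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* 1 if fd is an open descriptor in this process, 0 if not. */
static int fd_is_open(int fd)
{
	return fcntl(fd, F_GETFD) != -1;
}

/* Pre-fix pattern: close the write end but keep the stale number. */
static void close_stale(int pipefd[2])
{
	close(pipefd[1]);
}

/* Pattern from the patch: close once, then invalidate the variable. */
static void close_guarded(int pipefd[2])
{
	if (pipefd[1] != -1) {
		close(pipefd[1]);
		pipefd[1] = -1;
	}
}

/*
 * Replays the sequence from the commit message:
 *   1. the first fork path closes the write end of the pipe,
 *   2. an unrelated file is opened and receives the lowest free
 *      descriptor, which is the number that was just released,
 *   3. the second fork path runs the same close routine again.
 * Returns 1 if the unrelated file is still open afterwards, 0 if it
 * was closed behind its owner's back, -1 if the setup failed.
 */
static int victim_survives(void (*close_fn)(int pipefd[2]))
{
	int pipefd[2] = { -1, -1 };
	int victim, alive;

	if (pipe(pipefd) < 0) {
		return -1;
	}
	close_fn(pipefd);                     /* step 1 */
	victim = open("/dev/null", O_RDONLY); /* step 2, stand-in file */
	if (victim < 0) {
		close(pipefd[0]);
		return -1;
	}
	close_fn(pipefd);                     /* step 3 */
	alive = fd_is_open(victim);
	if (alive) {
		close(victim);
	}
	close(pipefd[0]);
	return alive;
}

int main(void)
{
	printf("stale variable:   unrelated file still open = %d\n",
	       victim_survives(close_stale));
	printf("reset to -1:      unrelated file still open = %d\n",
	       victim_survives(close_guarded));
	return 0;
}
```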
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 14b6e0a s4:kdc/db-glue: samba_kdc_trust_message2entry() should use the normalized principal as salt
via 0dbf1d4 libcli/util: remove unused WERR_BAD_PASSWORD
via 6e5d9c2 libcli/auth: use WERR_INVALID_PASSWORD instead of WERR_BAD_PASSWORD
via 17e8ad5 docs-xml/Samba3-HOWTO: add reference to WERR_INVALID_PASSWORD were we had only WERR_BAD_PASSWORD
via cb786df selftest: use dns_lookup_* = true in krb5.conf
via 4b12fce s4-kdc/db_glue: avoid accessing private struct members when there are accessor funcs.
via e2eef86 s4-kdc/db_glue: use smb_krb5_principal_set_type().
via 212a9e0 krb5_wrap: fix documentation for smb_krb5_principal_get_comp_string().
via e38acb3 krb5_wrap: add smb_krb5_principal_set_type().
via 34ef6b8 s4-auth: fix DEBUG statement.
via de60211 gensec: map KRB5KRB_AP_ERR_BAD_INTEGRITY to logon failure.
via ac23b7d s4-kdc/db-glue: make sure to use smb_krb5_get_pw_salt and smb_krb5_create_key_from_string.
via 023b5af lib/krb5_wrap: use krb5_const_principal in smb_krb5_get_pw_salt().
via a616df1 lib/krb5_wrap: use krb5_const_principal in smb_krb5_create_key_from_string.
via b7abdbb s4-auth: avoid double free of krb5 kt_entries when compiling with MIT kerberos library.
via f05fbc1 s4-gensec: Check if we have delegated credentials.
via cebecff s4-kdc/db-glue: use smb_krb5_principal_get_comp_string in dbglue.
via 2a0e2dd s4-kdc/db-glue: use principal_comp_str{case}cmp.
via 6d6e411 s4-kdc/db-glue: add principal_comp_str{case}cmp
via 714862d s4-kdc: pass down only a samba_kdc_entry to samba_krbtgt_is_in_db().
via 0501db1 s4-kdc: pass down only a samba_kdc_entry to samba_kdc_get_pac_blob().
via 78c0cf2 s4-kdc: pass down only a samba_kdc_entry to samba_princ_needs_pac().
via ba18383 s4-kdc/db_glue: pass down only a samba_kdc_entry to samba_kdc_check_s4u2proxy().
via f4b087b s4-kdc/db_glue: pass down only a samba_kdc_entry to samba_kdc_check_pkinit_ms_upn_match().
via 7afd9e6 s4-kdc/db_glue: pass down only a samba_kdc_entry to samba_kdc_check_s4u2self().
via 1afd3d3 s4-kdc: build some kdc components only for Heimdal KDCs.
via 77ede58 lib/krb5_wrap: provide KRB5KDC_ERR_KEY_EXPIRED error code matching MIT.
via 9a0263a s4-kdc/db_glue: workaround different CLIENT_NAME_MISMATCH error codes.
via e6e2ec0 librpc/ndr_nbt: we need to keep a trailing '.' in the last component of an nbt_string
via 1a78713 lsa.idl: add LSA_POLICY_NOTIFICATION to LSA_POLICY_ALL_ACCESS
via c9f68df s4:selftest: run rpc.netlogon.admin against also ad_dc
via 2ec4a62 torture: Run lsa.trusted.domains auth tests against samba4
via f13f75f torture-lsa: Allow rpc.lsa.trusted.domains to run successfully
via e5163df s4:torture/rpc: use torture_skip() if torture:Forest_Trust_Dom2_Binding isn't specified for rpc.lsa.forest.trust
via 9b5c699 s4:torture/rpc: test the old password in test_validate_trust() for rpc.lsa.forest.trust
via 0133841 s4:torture/rpc: really use LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE in rpc.lsa.forest.trust
via 8094bfa s4:torture/rpc: use torture_assert*() macros for rpc.lsa.forest.trust
via 281969d s4:torture/rpc: fix test_EnumTrustDomEx() with existing domains
via a156007 s4:rpc_server/lsa: correctly set *r->out.resume_handle with NT_STATUS_OK in lsa_EnumTrustedDomainsEx()
via 08f91a1 s4:torture/rpc: use unique sids and names for trusted domains
via 1e782d9 s4:torture/rpc: sync test_LogonControl2Ex with test_LogonControl2
via 30cb12e s4:torture/rpc: let rpc.netlogon.admin pass against windows 2012r2
via 038659d s3:rpc_server/netlogon: improve the netr_LogonControl*() error returns
via 9134681 s4:torture/rpc: let test_LogonControl() also accept WERR_NOT_SUPPORTED for NETLOGON_CONTROL_TRUNCATE_LOG
via 01cb90a s4:torture/rpc: don't use the same names for 3 different tests
via d620f46 libcli/util: let WERR_UNKNOWN_LEVEL be an alias to WERR_INVALID_LEVEL
via da4f31e nsswitch: improve error messages in wbinfo calls
via dcb2259 s4:heimdal_build: remove allow_warnings=True from HEIMDAL_ASN1()
from f0e9ba9 Rename SMB2_OP_FIND to SMB2_OP_QUERY_DIRECTORY so that it conforms with the MS document MS-SMB2.

https://git.samba.org/?p=samba.git;a=shortlog;h=master

- Log -
commit 14b6e0a599298696d48cbae54d9543f131a3ab95
Author: Stefan Metzmacher
Date: Thu Mar 26 09:24:05 2015 +

s4:kdc/db-glue: samba_kdc_trust_message2entry() should use the normalized principal as salt

smbclient //w2012r2-183.w2012r2-l4.base/netlogon -c 'ls' -k yes -uadministra...@s4xdom.base%A1b2C3d4 worked while smbclient //w2012r
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f0e9ba9 Rename SMB2_OP_FIND to SMB2_OP_QUERY_DIRECTORY so that it conforms with the MS document MS-SMB2.
via 70d20da Move update-external.sh to third_party/
via 483bb68 Merge update-waf.sh into update-external.sh
via 90ec37c Move waf into third_party/.
from 32cbbed s3: libsmbclient: Add missing talloc stackframe.

https://git.samba.org/?p=samba.git;a=shortlog;h=master

- Log -
commit f0e9ba91c0610b038cb2c3d7a487e0d904855dc5
Author: Richard Sharpe
Date: Tue Mar 24 07:16:26 2015 -0700

Rename SMB2_OP_FIND to SMB2_OP_QUERY_DIRECTORY so that it conforms with the MS document MS-SMB2.

Signed-off-by: Richard Sharpe
Reviewed-by: Jeremy Allison
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Fri Mar 27 01:24:47 CET 2015 on sn-devel-104

commit 70d20da561088a04bf8d87f31771228a8ffccea8
Author: Jelmer Vernooij
Date: Wed Mar 25 11:13:42 2015 +

Move update-external.sh to third_party/

Signed-Off-By: Jelmer Vernooij
Reviewed-by: Jeremy Allison

commit 483bb682a87b10b1faebb2eda40ed3bed2d7a0df
Author: Jelmer Vernooij
Date: Wed Mar 25 11:13:41 2015 +

Merge update-waf.sh into update-external.sh

Signed-off-by: Jelmer Vernooij
Reviewed-by: Jeremy Allison

commit 90ec37cf90035576bcab4d7b36214c9c19a52d24
Author: Jelmer Vernooij
Date: Wed Mar 25 11:13:40 2015 +

Move waf into third_party/.
Signed-Off-By: Jelmer Vernooij Reviewed-by: Jeremy Allison --- Summary of changes: buildtools/bin/waf | 2 +- buildtools/update-waf.sh | 13 ctdb/wscript | 2 +- lib/ldb/wscript| 2 +- lib/replace/wscript| 2 +- lib/talloc/wscript | 3 +- lib/tdb/wscript| 2 +- lib/tevent/wscript | 2 +- libcli/smb/smb2_constants.h| 38 +++--- libcli/smb/smb2cli_query_directory.c | 2 +- selftest/tests.py | 2 +- source3/smbd/globals.h | 2 +- .../smbd/{smb2_find.c => smb2_query_directory.c} | 30 - source3/smbd/smb2_server.c | 6 ++-- source3/wscript_build | 2 +- source4/libcli/smb2/find.c | 2 +- source4/smb_server/smb2/receive.c | 2 +- lib/update-external.sh => third_party/update.sh| 9 +++-- .../waf}/wafadmin/3rdparty/ParallelDebug.py| 2 -- .../waf}/wafadmin/3rdparty/batched_cc.py | 1 - .../waf}/wafadmin/3rdparty/boost.py| 1 - .../waf}/wafadmin/3rdparty/build_file_tracker.py | 1 - .../waf}/wafadmin/3rdparty/fluid.py| 1 - .../waf}/wafadmin/3rdparty/gccdeps.py | 1 - .../waf}/wafadmin/3rdparty/go.py | 1 - .../waf}/wafadmin/3rdparty/lru_cache.py| 1 - .../waf}/wafadmin/3rdparty/paranoid.py | 1 - .../waf}/wafadmin/3rdparty/prefork.py | 1 - .../waf}/wafadmin/3rdparty/swig.py | 1 - .../waf}/wafadmin/3rdparty/valadoc.py | 1 - {buildtools => third_party/waf}/wafadmin/Build.py | 1 - .../waf}/wafadmin/Configure.py | 2 -- .../waf}/wafadmin/Constants.py | 1 - .../waf}/wafadmin/Environment.py | 1 - {buildtools => third_party/waf}/wafadmin/Logs.py | 1 - {buildtools => third_party/waf}/wafadmin/Node.py | 1 - .../waf}/wafadmin/Options.py | 1 - {buildtools => third_party/waf}/wafadmin/Runner.py | 1 - .../waf}/wafadmin/Scripting.py | 1 - {buildtools => third_party/waf}/wafadmin/Task.py | 1 - .../waf}/wafadmin/TaskGen.py | 5 ++- .../waf}/wafadmin/Tools/__init__.py| 1 - .../waf}/wafadmin/Tools/ar.py | 2 -- .../waf}/wafadmin/Tools/bison.py | 1 - .../waf}/wafadmin/Tools/cc.py | 1 - .../waf}/wafadmin/Tools/ccroot.py | 1 - .../waf}/wafadmin/Tools/compiler_cc.py | 1 - .../waf}/wafadmin/Tools/compiler_cxx.py| 1 - 
.../waf}/wafadmin/Tools/compiler_d.py | 1 - .../waf}/wafadmin/Tools/config_c.py| 1 - .../waf}/wafadmin/Tools/cs.py | 1 - .../waf}/wafadmin/Tools/cxx.py | 1 - .../waf}/wafadmin/Tools/d.py | 1 - .../waf}/wafadmin/Tools/dbus.py| 1 - .../waf}/wafadmin/Tools/dmd
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 32cbbed s3: libsmbclient: Add missing talloc stackframe. via d932964 docs: fix duplicate word in explanation of parameter 'logging'. from b0a9a69 libnetapi: Fix 241166 Fixing logically dead code https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 32cbbed979b931eeb5127629248a94d7e6f3fcfb Author: Jeremy Allison Date: Thu Mar 26 10:09:46 2015 -0700 s3: libsmbclient: Add missing talloc stackframe. Bug 11177 - no talloc stackframe at ../source3/libsmb/clifsinfo.c:444, leaking memory https://bugzilla.samba.org/show_bug.cgi?id=11177 Signed-off-by: Jeremy Allison Reviewed-by: Michael Adam Autobuild-User(master): Michael Adam Autobuild-Date(master): Thu Mar 26 22:21:30 CET 2015 on sn-devel-104 commit d932964d5b1235c4d682eefb621d43f622008cd4 Author: Michael Adam Date: Thu Mar 26 13:45:50 2015 +0100 docs: fix duplicate word in explanation of parameter 'logging'. Signed-off-by: Michael Adam Reviewed-by: Christof Schmitt --- Summary of changes: docs-xml/smbdotconf/logging/logging.xml | 2 +- source3/libsmb/libsmb_stat.c| 8 2 files changed, 9 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/logging/logging.xml b/docs-xml/smbdotconf/logging/logging.xml index 41b6c08..a82496b 100644 --- a/docs-xml/smbdotconf/logging/logging.xml +++ b/docs-xml/smbdotconf/logging/logging.xml @@ -5,7 +5,7 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc";> - This parameter configures logging backends backends. Multiple + This parameter configures logging backends. Multiple backends can be specified at the same time, with different log levels for each backend. The parameter is a list of backends, where each backend is specified as backend[:option][@loglevel]. diff --git a/source3/libsmb/libsmb_stat.c b/source3/libsmb/libsmb_stat.c index 94449e0..3c895ce 100644 --- a/source3/libsmb/libsmb_stat.c +++ b/source3/libsmb/libsmb_stat.c 
@@ -312,9 +312,11 @@ SMBC_statvfs_ctx(SMBCCTX *context, boolbIsDir; struct stat statbuf; SMBCFILE * pFile; + TALLOC_CTX *frame = talloc_stackframe(); /* Determine if the provided path is a file or a folder */ if (SMBC_stat_ctx(context, path, &statbuf) < 0) { + TALLOC_FREE(frame); return -1; } @@ -322,6 +324,7 @@ SMBC_statvfs_ctx(SMBCCTX *context, if (S_ISDIR(statbuf.st_mode)) { /* It's a directory. */ if ((pFile = SMBC_opendir_ctx(context, path)) == NULL) { + TALLOC_FREE(frame); return -1; } bIsDir = true; @@ -329,11 +332,13 @@ SMBC_statvfs_ctx(SMBCCTX *context, /* It's a file. */ if ((pFile = SMBC_open_ctx(context, path, O_RDONLY, 0)) == NULL) { + TALLOC_FREE(frame); return -1; } bIsDir = false; } else { /* It's neither a file nor a directory. Not supported. */ + TALLOC_FREE(frame); errno = ENOSYS; return -1; } @@ -348,6 +353,7 @@ SMBC_statvfs_ctx(SMBCCTX *context, SMBC_close_ctx(context, pFile); } + TALLOC_FREE(frame); return ret; } @@ -365,6 +371,7 @@ SMBC_fstatvfs_ctx(SMBCCTX *context, uint32 fs_attrs = 0; struct cli_state *cli = file->srv->cli; struct smbXcli_tcon *tcon; + TALLOC_CTX *frame = talloc_stackframe(); if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) { tcon = cli->smb2.tcon; @@ -488,5 +495,6 @@ SMBC_fstatvfs_ctx(SMBCCTX *context, st->f_flags = flags; #endif + TALLOC_FREE(frame); return 0; } -- Samba Shared Repository
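Review bot: In SMBC_statvfs_ctx() the TALLOC_FREE(frame) added on the early-return paths runs after SMBC_stat_ctx(), SMBC_opendir_ctx() or SMBC_open_ctx() has failed and before return -1, so the errno those calls set can be overwritten by the free before the caller reads it. The ENOSYS branch already frees first and sets errno afterwards; do the equivalent on the other paths by saving and restoring errno around the free, or route every exit through one label that frees the frame once.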
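Review bot: SMBC_fstatvfs_ctx() creates the stackframe at the top of the function, and the only matching TALLOC_FREE(frame) in the diff is the one before the final return 0. The body between the two hunks is not shown; confirm there is no other return in that range, or add the free there as well, otherwise the frame stays on the stack on that path.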
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b0a9a69 libnetapi: Fix 241166 Fixing logically dead code
via fbb2d49 registry: Fix 1273042 Identical code for if/else branch
via 508b45f ctdb: Fix CID 1125615 Copy into fixed size buffer
via 93d4e80 ctdb: Fix CID 1125634 Out-of-bounds write
via c7cc3ad lib: Fix CID 1273009 Dereference after null check
via 5d0a5c4 loadparm: Fix CID 1273054 Improper use of negative value
via d02840a replace: clean-up strlcpy and add note on return value
from 4cc51f9 vfs_fruit: enhance handling of malformed AppleDouble files

https://git.samba.org/?p=samba.git;a=shortlog;h=master

- Log -
commit b0a9a69bccd5a2c802c622fe7201212bcd3a6ac6
Author: Anoop C S
Date: Thu Mar 26 14:05:19 2015 +0530

libnetapi: Fix 241166 Fixing logically dead code

Signed-off-by: Anoop C S
Reviewed-by: Guenther Deschner
Reviewed-by: Michael Adam
Autobuild-User(master): Michael Adam
Autobuild-Date(master): Thu Mar 26 17:30:27 CET 2015 on sn-devel-104

commit fbb2d4929f90aec862b963d224aeb586aae33c64
Author: Anoop C S
Date: Thu Mar 26 18:06:44 2015 +0530

registry: Fix 1273042 Identical code for if/else branch

Signed-off-by: Anoop C S
Reviewed-by: Michael Adam
Reviewed-by: Volker Lendecke
Reviewed-by: Ira Cooper
Reviewed-by: Guenther Deschner

commit 508b45fca93ca2dfb048fdf7465602bc34df42db
Author: Volker Lendecke
Date: Thu Mar 26 13:11:14 2015 +0100

ctdb: Fix CID 1125615 Copy into fixed size buffer

Might be a "can't happen", but strcpy always looks fishy

Signed-off-by: Volker Lendecke
Reviewed-by: Michael Adam

commit 93d4e801298d8ebb7261adbfc2bdb1a5fbe7115c
Author: Volker Lendecke
Date: Thu Mar 26 13:06:26 2015 +0100

ctdb: Fix CID 1125634 Out-of-bounds write

Signed-off-by: Volker Lendecke
Reviewed-by: Michael Adam

commit c7cc3adca2d7cfdd2350a9e0d540570bc826e2c7
Author: Volker Lendecke
Date: Thu Mar 26 10:21:20 2015 +0100

lib: Fix CID 1273009 Dereference after null check
Signed-off-by: Volker Lendecke Reviewed-by: Michael Adam commit 5d0a5c421641f719bcee6133119c1443dd7a4710 Author: Volker Lendecke Date: Thu Mar 26 10:14:22 2015 +0100 loadparm: Fix CID 1273054 Improper use of negative value Probably a "can't happen", but formally lpcfg_map_parameter can return -1 Signed-off-by: Volker Lendecke Reviewed-by: Michael Adam commit d02840a3a4d113e17a4225b0e7b1c893634a31d9 Author: David Disseldorp Date: Thu Mar 26 12:21:44 2015 +0100 replace: clean-up strlcpy and add note on return value The existing implementation uses single line ifs, making the code hard to visually parse. Signed-off-by: David Disseldorp Reviewed-by: Michael Adam --- Summary of changes: ctdb/tests/src/ctdb_takeover_tests.c | 2 +- ctdb/tests/src/ctdb_test_stubs.c | 7 ++- lib/param/loadparm.c | 3 +++ lib/replace/replace.c| 16 source3/lib/messages.c | 1 + source3/lib/netapi/user.c| 3 --- source3/registry/reg_perfcount.c | 12 ++-- 7 files changed, 25 insertions(+), 19 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/tests/src/ctdb_takeover_tests.c b/ctdb/tests/src/ctdb_takeover_tests.c index 8b07325..7ff8755 100644 --- a/ctdb/tests/src/ctdb_takeover_tests.c +++ b/ctdb/tests/src/ctdb_takeover_tests.c @@ -431,7 +431,7 @@ static void ctdb_test_init(const char nodestates[], while (tok != NULL) { nodeflags[numnodes] = (uint32_t) strtol(tok, NULL, 0); numnodes++; - if (numnodes > CTDB_TEST_MAX_NODES) { + if (numnodes >= CTDB_TEST_MAX_NODES) { DEBUG(DEBUG_ERR, ("ERROR: Exceeding CTDB_TEST_MAX_NODES: %d\n", CTDB_TEST_MAX_NODES)); exit(1); } diff --git a/ctdb/tests/src/ctdb_test_stubs.c b/ctdb/tests/src/ctdb_test_stubs.c index 3ea508a..a9947b1 100644 --- a/ctdb/tests/src/ctdb_test_stubs.c +++ b/ctdb/tests/src/ctdb_test_stubs.c 
@@ -597,7 +597,12 @@ int32_t ctdb_control_get_ifaces(struct ctdb_context *ctdb, i = 0; for (cur=ctdb->ifaces;cur;cur=cur->next) { - strcpy(ifaces->ifaces[i].name, cur->name); + size_t nlen = strlcpy(ifaces->ifaces[i].name, cur->name, + sizeof(ifaces->ifaces[i].name)); + if (nlen >= sizeof(ifaces->ifaces[i].name)) { + /* Ignore invalid name */ + continue; + } ifaces->ifaces[i].link_state = cur->link_up; ifaces->ifaces[i].references = cur->references; i++; diff --git a/lib/p
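Review bot: In ctdb_test_init() the limit check still runs after nodeflags[numnodes] has been stored and numnodes incremented, so with >= an input of exactly CTDB_TEST_MAX_NODES entries now exits even though its last store went to index CTDB_TEST_MAX_NODES - 1. If nodeflags has CTDB_TEST_MAX_NODES elements (its declaration is not in the hunk), test numnodes >= CTDB_TEST_MAX_NODES before the store instead; that keeps every write in bounds and still accepts a full table.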
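Review bot: In the ctdb_control_get_ifaces() loop, strlcpy() has already written the truncated name into ifaces->ifaces[i].name by the time the length check reaches continue, and the entry is skipped without any message. If the over-long name belongs to the last interface, slot i keeps the partial string. Compare strlen(cur->name) with sizeof(ifaces->ifaces[i].name) before copying, log the skipped interface with DEBUG(), and confirm that the count returned to the caller is taken from i, since it can now differ from the number of list entries.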
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree.

The autobuild log of the failure is available here:

http://git.samba.org/autobuild.flakey/2015-03-26-1643/flakey.log

The samba build logs are available here:

http://git.samba.org/autobuild.flakey/2015-03-26-1643/samba.stderr
http://git.samba.org/autobuild.flakey/2015-03-26-1643/samba.stdout

The top commit at the time of the failure was:

commit 4cc51f905cb5cd80d2e289a124c0fe1630d945b5
Author: Ralph Boehme
Date: Mon Mar 2 18:15:06 2015 +0100

vfs_fruit: enhance handling of malformed AppleDouble files

Trying for fixup a broken AppleDouble file with a resourcefork entry offset + length > filesystem resulted in a crashing memmove() in ad_convert().

Add a specific safety check that stats the ._ file and limits the resource fork length to the filesize.

While we're at it, now that we know the filesize in ad_unpack(), add additional checks that verify this.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11125

Signed-off-by: Ralph Boehme
Reviewed-by: Volker Lendecke
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Thu Mar 26 12:39:01 CET 2015 on sn-devel-104
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4cc51f9 vfs_fruit: enhance handling of malformed AppleDouble files from 05b61ea lib: tdb: Use sigaction when testing for robust mutexes. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4cc51f905cb5cd80d2e289a124c0fe1630d945b5 Author: Ralph Boehme Date: Mon Mar 2 18:15:06 2015 +0100 vfs_fruit: enhance handling of malformed AppleDouble files Trying for fixup a broken AppleDouble file with a resourcefork entry offset + length > filesystem resulted in a crashing memmove() in ad_convert(). Add a specific safety check that stats the ._ file and limits the resource fork length to the filesize. While we're at it, now that we know the filesize in ad_unpack(), add additional checks that verify this. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11125 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Thu Mar 26 12:39:01 CET 2015 on sn-devel-104 --- Summary of changes: source3/modules/vfs_fruit.c | 79 + 1 file changed, 73 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c index fbee321..74ea8f8 100644 --- a/source3/modules/vfs_fruit.c +++ b/source3/modules/vfs_fruit.c @@ -569,7 +569,7 @@ static bool ad_pack(struct adouble *ad) /** * Unpack an AppleDouble blob into a struct adoble **/ -static bool ad_unpack(struct adouble *ad, const int nentries) +static bool ad_unpack(struct adouble *ad, const int nentries, size_t filesize) { size_t bufsize = talloc_get_size(ad->ad_data); int adentries, i; 
@@ -612,11 +612,26 @@ static bool ad_unpack(struct adouble *ad, const int nentries) return false; } + /* +* All entries other than the resource fork are +* expected to be read into the ad_data buffer, so +* ensure the specified offset is within that bound +*/ if ((off > bufsize) && (eid != ADEID_RFORK)) { DEBUG(1, ("bogus eid %d: off: %" PRIu32 ", len: %" PRIu32 "\n", eid, off, len)); return false; } + + /* +* All entries besides FinderInfo and resource fork +* must fit into the buffer. FinderInfo is special as +* it may be larger then the default 32 bytes (if it +* contains marshalled xattrs), but we will fixup that +* in ad_convert(). And the resource fork is never +* accessed directly by the ad_data buf (also see +* comment above) anyway. +*/ if ((eid != ADEID_RFORK) && (eid != ADEID_FINDERI) && ((off + len) > bufsize)) { @@ -625,6 +640,48 @@ static bool ad_unpack(struct adouble *ad, const int nentries) return false; } + /* +* That would be obviously broken +*/ + if (off > filesize) { + DEBUG(1, ("bogus eid %d: off: %" PRIu32 ", len: %" PRIu32 "\n", + eid, off, len)); + return false; + } + + /* +* Check for any entry that has its end beyond the +* filesize. +*/ + if (off + len < off) { + DEBUG(1, ("offset wrap in eid %d: off: %" PRIu32 + ", len: %" PRIu32 "\n", + eid, off, len)); + return false; + + } + if (off + len > filesize) { + /* +* If this is the resource fork entry, we fix +* up the length, for any other entry we bail +* out. +*/ + if (eid != ADEID_RFORK) { + DEBUG(1, ("bogus eid %d: off: %" PRIu32 + ", len: %" PRIu32 "\n", + eid, off, len)); + return false; + } + + /* +* Fixup the resource fork entry by limiting +* the size to entryoffset - filesize. +*/ + len = filesize - off; + DEBUG(1, ("Limiting ADEID_RFORK: off: %" PRIu32 +
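Review bot: The existing test ((off + len) > bufsize) at the end of the @@ -612 hunk evaluates the sum before the wrap check added further down in ad_unpack() has run; off and len are printed with PRIu32, so a wrapped sum can pass this comparison. Move the off + len < off check above the first use of the sum, or compare len with bufsize - off so that no addition is needed. In the comment added just above, "larger then the default 32 bytes" should read "larger than".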
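Review bot: The comment above len = filesize - off in the @@ -625 hunk says the size is limited to "entryoffset - filesize", which is the reverse of what the code computes; reword it to "filesize - entry offset". The doc comment of ad_unpack() also needs a line for the new filesize parameter, and the blank line before the closing brace of the wrap check can go.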
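The checks the vfs_fruit commit message describes (an entry's offset and length validated against the file size, with the resource fork clamped instead of rejected), written in subtraction form so that the sum is never computed. This is an added example, not the vfs_fruit code; the type and function names and the entry id values are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EXAMPLE_EID_RFORK   2u /* assumed id of the resource fork entry */
#define EXAMPLE_EID_FINDERI 9u /* assumed id of the FinderInfo entry */

enum entry_verdict { ENTRY_OK, ENTRY_CLAMPED, ENTRY_REJECTED };

struct entry_check {
	enum entry_verdict verdict;
	uint32_t len; /* length to use unless the entry was rejected */
};

/*
 * Naive form: the 32-bit sum wraps modulo 2^32, so a huge length can
 * produce an "end" that lies inside the file.
 */
static bool naive_accepts(uint32_t off, uint32_t len, size_t filesize)
{
	uint32_t end = off + len;

	return off <= filesize && end <= filesize;
}

/*
 * Wrap-free form: once off <= filesize is known, filesize - off cannot
 * underflow, and len is compared with the room that is left.
 */
static struct entry_check check_entry(uint32_t eid, uint32_t off,
				      uint32_t len, size_t filesize)
{
	struct entry_check res = { ENTRY_REJECTED, 0 };
	size_t room;

	if ((size_t)off > filesize) {
		return res; /* entry starts beyond the end of the file */
	}
	room = filesize - (size_t)off;
	if ((size_t)len <= room) {
		res.verdict = ENTRY_OK;
		res.len = len;
		return res;
	}
	if (eid != EXAMPLE_EID_RFORK) {
		return res; /* only the resource fork may be fixed up */
	}
	res.verdict = ENTRY_CLAMPED;
	res.len = (uint32_t)room; /* room < len, so it fits in 32 bits */
	return res;
}

int main(void)
{
	/* Constructed values: a 1000-byte file and an entry at offset 900. */
	struct entry_check r = check_entry(EXAMPLE_EID_FINDERI, 900,
					   0xFFFFFFFFu, 1000);

	printf("naive accepts wrapped entry: %d\n",
	       naive_accepts(900, 0xFFFFFFFFu, 1000));
	printf("wrap-free verdict: %d (2 = rejected)\n", (int)r.verdict);
	return 0;
}
```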