Author: jerry Date: 2006-01-27 21:35:50 +0000 (Fri, 27 Jan 2006) New Revision: 13196
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13196 Log: a few more last minute fixes; still one bug to go Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt branches/SAMBA_3_0_RELEASE/examples/LDAP/samba.schema.at.IBM-DS branches/SAMBA_3_0_RELEASE/examples/LDAP/samba.schema.oc.IBM-DS branches/SAMBA_3_0_RELEASE/source/locking/locking.c branches/SAMBA_3_0_RELEASE/source/passdb/secrets.c branches/SAMBA_3_0_RELEASE/source/smbd/oplock.c Changeset: Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt =================================================================== --- branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2006-01-27 20:00:15 UTC (rev 13195) +++ branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2006-01-27 21:35:50 UTC (rev 13196) @@ -117,12 +117,21 @@ * Fix double free in on failure path in POSIX acl code. +o Andriy Gapon <[EMAIL PROTECTED]> + * BUG 3458: Fix crash bug in smbd and winbindd caused by + accessing freed memory. + + o Björn Jacke <[EMAIL PROTECTED]> * Configure check for Tru64 EA functions (not yet implemented). * Find Tru64 AIO lib in configure. * Cut-n-paste fixes in configure.in. +o John Janosik <[EMAIL PROTECTED]> + * IBM Tivoli Directory Server schema updates. + + o Michael James <[EMAIL PROTECTED]> * sid2string fix in adssearch.pl. Modified: branches/SAMBA_3_0_RELEASE/examples/LDAP/samba.schema.at.IBM-DS =================================================================== --- branches/SAMBA_3_0_RELEASE/examples/LDAP/samba.schema.at.IBM-DS 2006-01-27 20:00:15 UTC (rev 13195) +++ branches/SAMBA_3_0_RELEASE/examples/LDAP/samba.schema.at.IBM-DS 2006-01-27 21:35:50 UTC (rev 13196) @@ -76,3 +76,24 @@ attributetypes=( 1.3.6.1.4.1.7165.2.1.56 NAME 'sambaAccountPolicyName' DESC 'Account Policy Name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) attributetypes=( 1.3.6.1.4.1.7165.2.1.57 NAME 'sambaAccountPolicyValue' DESC 'Account Policy Value' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DESC 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' DESC 'Force Users to logon for password change (default: 0 => off, 2 => on)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC 'Maximum password age, in seconds (default: -1 => never expire passwords)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC 'Minimum password age, in seconds (default: 0 => allow immediate password change)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' DESC 'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow' DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' DESC 'Lockout users after bad logon attempts (default: 0 => off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DESC 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + Modified: branches/SAMBA_3_0_RELEASE/examples/LDAP/samba.schema.oc.IBM-DS =================================================================== --- branches/SAMBA_3_0_RELEASE/examples/LDAP/samba.schema.oc.IBM-DS 2006-01-27 20:00:15 UTC (rev 13195) +++ branches/SAMBA_3_0_RELEASE/examples/LDAP/samba.schema.oc.IBM-DS 2006-01-27 21:35:50 UTC (rev 13196) @@ -4,7 +4,7 @@ objectclasses=( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top AUXILIARY DESC 'Samba Group Mapping' MUST ( gidNumber $ sambaSID $ sambaGroupType ) MAY ( displayName $ description $ sambaSIDList )) -objectclasses=( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase ) ) +objectclasses=( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange ) ) objectclasses=( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $ gidNumber ) ) Modified: branches/SAMBA_3_0_RELEASE/source/locking/locking.c =================================================================== --- branches/SAMBA_3_0_RELEASE/source/locking/locking.c 2006-01-27 20:00:15 UTC (rev 13195) +++ branches/SAMBA_3_0_RELEASE/source/locking/locking.c 2006-01-27 21:35:50 UTC (rev 13196) @@ -384,11 +384,13 @@ { static pstring share_str; - slprintf(share_str, sizeof(share_str)-1, "share_mode_entry[%d]: " + slprintf(share_str, sizeof(share_str)-1, "share_mode_entry[%d]: %s " "pid = %s, share_access = 0x%x, private_options = 0x%x, " "access_mask = 0x%x, mid = 0x%x, type= 0x%x, file_id = %lu, " "dev = 0x%x, inode = %.0f", - num, procid_str_static(&e->pid), + num, + e->op_type == UNUSED_SHARE_MODE_ENTRY ? "UNUSED" : "", + procid_str_static(&e->pid), e->share_access, e->private_options, e->access_mask, e->op_mid, e->op_type, e->share_file_id, (unsigned int)e->dev, (double)e->inode ); @@ -408,9 +410,11 @@ int i; for (i = 0; i < num_share_modes; i++) { - struct share_mode_entry *entry_p = &shares[i]; + struct share_mode_entry entry; + + memcpy(&entry, &shares[i], sizeof(struct share_mode_entry)); DEBUG(10,("print_share_mode_table: %s\n", - share_mode_str(i, entry_p))); + share_mode_str(i, &entry))); } } @@ -543,7 +547,11 @@ offset += sp_len + 1; safe_strcpy(result.dptr + offset, lck->filename, result.dsize - offset - 1); - print_share_mode_table(data); + + if (DEBUGLEVEL >= 10) { + print_share_mode_table(data); + } + return result; } Modified: branches/SAMBA_3_0_RELEASE/source/passdb/secrets.c =================================================================== --- branches/SAMBA_3_0_RELEASE/source/passdb/secrets.c 2006-01-27 20:00:15 UTC (rev 13195) +++ branches/SAMBA_3_0_RELEASE/source/passdb/secrets.c 2006-01-27 21:35:50 UTC (rev 13196) @@ -299,7 +299,6 @@ *pass_last_set_time = pass->mod_time; } memcpy(ret_pwd, pass->hash, 16); - SAFE_FREE(pass); if (channel) { *channel = get_default_sec_channel(); @@ -313,6 +312,7 @@ } } + SAFE_FREE(pass); return True; } Modified: branches/SAMBA_3_0_RELEASE/source/smbd/oplock.c =================================================================== --- branches/SAMBA_3_0_RELEASE/source/smbd/oplock.c 2006-01-27 20:00:15 UTC (rev 13195) +++ branches/SAMBA_3_0_RELEASE/source/smbd/oplock.c 2006-01-27 21:35:50 UTC (rev 13196) @@ -684,6 +684,11 @@ don't have to do anything */ for (i=0; i<lck->num_share_modes; i++) { struct share_mode_entry *e = &lck->share_modes[i]; + + if (!is_valid_share_mode_entry(e)) { + continue; + } + if ((e->op_type == NO_OPLOCK) && (e->share_file_id == fsp->file_id) && (e->dev == fsp->dev) && @@ -701,6 +706,10 @@ struct share_mode_entry *share_entry = &lck->share_modes[i]; char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE]; + if (!is_valid_share_mode_entry(share_entry)) { + continue; + } + /* * As there could have been multiple writes waiting at the * lock_share_entry gate we may not be the first to
