pysmbd: Python code calls smbd code with "." and ".."

Soon we will call filename_convert_dirfsp() on these, which can't deal
with paths that are invalid by containing . and .. as path components.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index e1f889dad30b8d7f65e810a15e96a3c15ff15232..9fe885a51b002e3d53d0bb20273764aaccb98f6e 100644 (file)
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -133,9 +133,10 @@ static int set_sys_acl_conn(const char *fname,
        TALLOC_CTX *frame = talloc_stackframe();
        NTSTATUS status;
 
-       smb_fname = synthetic_smb_fname_split(frame,
-                                       fname,
-                                       lp_posix_pathnames());
+       smb_fname = synthetic_smb_fname_split(
+               frame,
+               canonicalize_absolute_path(talloc_tos(), fname),
+               lp_posix_pathnames());
        if (smb_fname == NULL) {
                TALLOC_FREE(frame);
                return -1;
@@ -186,9 +187,10 @@ static NTSTATUS init_files_struct(TALLOC_CTX *mem_ctx,
        }
        fsp->conn = conn;
 
-       smb_fname = synthetic_smb_fname_split(fsp,
-                                             fname,
-                                             lp_posix_pathnames());
+       smb_fname = synthetic_smb_fname_split(
+               fsp,
+               canonicalize_absolute_path(talloc_tos(), fname),
+               lp_posix_pathnames());
        if (smb_fname == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -302,9 +304,10 @@ static NTSTATUS get_nt_acl_conn(TALLOC_CTX *mem_ctx,
        NTSTATUS status;
        struct smb_filename *smb_fname =  NULL;
 
-       smb_fname = synthetic_smb_fname_split(frame,
-                                       fname,
-                                       lp_posix_pathnames());
+       smb_fname = synthetic_smb_fname_split(
+               frame,
+               canonicalize_absolute_path(talloc_tos(), fname),
+               lp_posix_pathnames());
 
        if (smb_fname == NULL) {
                TALLOC_FREE(frame);
@@ -697,9 +700,10 @@ static PyObject *py_smbd_unlink(PyObject *self, PyObject *args, PyObject *kwargs
                return NULL;
        }
 
-       smb_fname = synthetic_smb_fname_split(frame,
-                                       fname,
-                                       lp_posix_pathnames());
+       smb_fname = synthetic_smb_fname_split(
+               frame,
+               canonicalize_absolute_path(talloc_tos(), fname),
+               lp_posix_pathnames());
        if (smb_fname == NULL) {
                TALLOC_FREE(frame);
                return PyErr_NoMemory();
@@ -1038,9 +1042,10 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args, PyObject *k
                return NULL;
        }
 
-       smb_fname = synthetic_smb_fname_split(frame,
-                                       fname,
-                                       lp_posix_pathnames());
+       smb_fname = synthetic_smb_fname_split(
+               frame,
+               canonicalize_absolute_path(talloc_tos(), fname),
+               lp_posix_pathnames());
        if (smb_fname == NULL) {
                TALLOC_FREE(frame);
                return NULL;
@@ -1127,13 +1132,13 @@ static PyObject *py_smbd_mkdir(PyObject *self, PyObject *args, PyObject *kwargs)
                return NULL;
        }
 
-       smb_fname = synthetic_smb_fname(talloc_tos(),
-                                       fname,
-                                       NULL,
-                                       NULL,
-                                       0,
-                                       lp_posix_pathnames() ?
-                                       SMB_FILENAME_POSIX_PATH : 0);
+       smb_fname = synthetic_smb_fname(
+               talloc_tos(),
+               canonicalize_absolute_path(talloc_tos(), fname),
+               NULL,
+               NULL,
+               0,
+               lp_posix_pathnames() ? SMB_FILENAME_POSIX_PATH : 0);
 
        if (smb_fname == NULL) {
                TALLOC_FREE(frame);