smbd: remove struct privilege_paths

author Ralph Boehme <slow@samba.org>

Mon, 30 Mar 2020 06:06:10 +0000 (08:06 +0200)

committer Jeremy Allison <jra@samba.org>

Tue, 31 Mar 2020 19:32:11 +0000 (19:32 +0000)
author Ralph Boehme <slow@samba.org>
Mon, 30 Mar 2020 06:06:10 +0000 (08:06 +0200)
committer Jeremy Allison <jra@samba.org>
Tue, 31 Mar 2020 19:32:11 +0000 (19:32 +0000)
diff --git a/source3/include/vfs.h b/source3/include/vfs.h

index eae9f97179ff3a8727f97133c0db5713b03ba6f9..fe3156738230bbf1060790096b415d7f443797c8 100644 (file)
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -543,7 +543,6 @@ typedef struct connection_struct {
  } connection_struct;
  
  struct smbd_smb2_request;
-struct privilege_paths;
  struct referral;
  
  struct smb_request {
@@ -600,12 +599,6 @@ struct smb_request {
          */
         struct smbd_smb2_request *smb2req;
  
-       /*
-        * Pathnames used if request done
-        * under privilege.
-        */
-       struct privilege_paths *priv_paths;
-
         /*
          * Request list for chained requests, we're part of it.
          */
diff --git a/source3/smbd/process.c b/source3/smbd/process.c

index 8ffe35556375e219b7e300d9f08d087f905147c0..955f13938b48aa76f41c44fc66498ced16dd29a4 100644 (file)
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -632,7 +632,6 @@ static bool init_smb_request(struct smb_request *req,
         }
         req->chain_fsp = NULL;
         req->smb2req = NULL;
-       req->priv_paths = NULL;
         req->chain = NULL;
         req->posix_pathnames = lp_posix_pathnames();
         smb_init_perfcount_data(&req->pcd);
diff --git a/source3/smbd/smbd.h b/source3/smbd/smbd.h

index 4c13239c7932cabfbd575fdb343164a08587fe27..787582850db170aeac7db0a0d25c8c252fe3f08d 100644 (file)
--- a/source3/smbd/smbd.h
+++ b/source3/smbd/smbd.h
@@ -26,15 +26,6 @@ struct dptr_struct;
  #include "smbd/proto.h"
  #include "locking/proto.h"
  
-/*
- * Pathnames used if request done
- * under privilege.
- */
-struct privilege_paths {
-       struct smb_filename parent_name;
-       struct smb_filename file_name;
-};
-
  struct trans_state {
         struct trans_state *next, *prev;
         uint64_t vuid; /* SMB2 compat */
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c

index 9e0d14cd57a3cfd902446032d5dd56e59eae6cd3..f99c12f045163c145f29bee98c7164ac2336d2b6 100644 (file)
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -1025,36 +1025,29 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
         struct smb_filename *resolved_fname = NULL;
         struct smb_filename *saved_dir_fname = NULL;
         struct smb_filename *smb_fname_cwd = NULL;
-       struct privilege_paths *priv_paths = NULL;
         int ret;
+       struct smb_filename parent_name = { 0 };
+       struct smb_filename file_name = { 0 };
  
         DEBUG(3,("check_reduced_name_with_privilege [%s] [%s]\n",
                         smb_fname->base_name,
                         conn->connectpath));
  
  
-       priv_paths = talloc_zero(smbreq, struct privilege_paths);
-       if (!priv_paths) {
-               status = NT_STATUS_NO_MEMORY;
-               goto err;
-       }
-
         if (!parent_dirname(ctx, smb_fname->base_name,
                         &dir_name, &last_component)) {
                 status = NT_STATUS_NO_MEMORY;
                 goto err;
         }
  
-       priv_paths->parent_name.base_name = talloc_strdup(priv_paths, dir_name);
-       priv_paths->file_name.base_name = talloc_strdup(priv_paths, last_component);
-
-       if (priv_paths->parent_name.base_name == NULL ||
-                       priv_paths->file_name.base_name == NULL) {
+       parent_name.base_name = dir_name;
+       file_name.base_name = talloc_strdup(ctx, last_component);
+       if (file_name.base_name == NULL) {
                 status = NT_STATUS_NO_MEMORY;
                 goto err;
         }
  
-       if (SMB_VFS_STAT(conn, &priv_paths->parent_name) != 0) {
+       if (SMB_VFS_STAT(conn, &parent_name) != 0) {
                 status = map_nt_error_from_unix(errno);
                 goto err;
         }
@@ -1065,7 +1058,7 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
                 goto err;
         }
  
-       if (vfs_ChDir(conn, &priv_paths->parent_name) == -1) {
+       if (vfs_ChDir(conn, &parent_name) == -1) {
                 status = map_nt_error_from_unix(errno);
                 goto err;
         }
@@ -1092,7 +1085,7 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
         }
  
         DEBUG(10,("check_reduced_name_with_privilege: realpath [%s] -> [%s]\n",
-               priv_paths->parent_name.base_name,
+               parent_name.base_name,
                 resolved_name));
  
         /* Now check the stat value is the same. */
@@ -1102,11 +1095,11 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
         }
  
         /* Ensure we're pointing at the same place. */
-       if (!check_same_stat(&smb_fname_cwd->st, &priv_paths->parent_name.st)) {
+       if (!check_same_stat(&smb_fname_cwd->st, &parent_name.st)) {
                 DEBUG(0,("check_reduced_name_with_privilege: "
                         "device/inode/uid/gid on directory %s changed. "
                         "Denying access !\n",
-                       priv_paths->parent_name.base_name));
+                       parent_name.base_name));
                 status = NT_STATUS_ACCESS_DENIED;
                 goto err;
         }
@@ -1153,30 +1146,30 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
         /* Now ensure that the last component either doesn't
            exist, or is *NOT* a symlink. */
  
-       ret = SMB_VFS_LSTAT(conn, &priv_paths->file_name);
+       ret = SMB_VFS_LSTAT(conn, &file_name);
         if (ret == -1) {
                 /* Errno must be ENOENT for this be ok. */
                 if (errno != ENOENT) {
                         status = map_nt_error_from_unix(errno);
                         DEBUG(2, ("check_reduced_name_with_privilege: "
                                 "LSTAT on %s failed with %s\n",
-                               priv_paths->file_name.base_name,
+                               file_name.base_name,
                                 nt_errstr(status)));
                         goto err;
                 }
         }
  
-       if (VALID_STAT(priv_paths->file_name.st) &&
-                       S_ISLNK(priv_paths->file_name.st.st_ex_mode)) {
+       if (VALID_STAT(file_name.st) &&
+           S_ISLNK(file_name.st.st_ex_mode))
+       {
                 DEBUG(2, ("check_reduced_name_with_privilege: "
                         "Last component %s is a symlink. Denying"
                         "access.\n",
-                       priv_paths->file_name.base_name));
+                       file_name.base_name));
                 status = NT_STATUS_ACCESS_DENIED;
                 goto err;
         }
  
-       smbreq->priv_paths = priv_paths;
         status = NT_STATUS_OK;
  
    err:
@@ -1186,9 +1179,6 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
                 TALLOC_FREE(saved_dir_fname);
         }
         TALLOC_FREE(resolved_fname);
-       if (!NT_STATUS_IS_OK(status)) {
-               TALLOC_FREE(priv_paths);
-       }
         TALLOC_FREE(dir_name);
         return status;
  }
author	Ralph Boehme <slow@samba.org>
	Mon, 30 Mar 2020 06:06:10 +0000 (08:06 +0200)
committer	Jeremy Allison <jra@samba.org>
	Tue, 31 Mar 2020 19:32:11 +0000 (19:32 +0000)
source3/include/vfs.h		patch \| blob \| blame \| history
source3/smbd/process.c		patch \| blob \| blame \| history
source3/smbd/smbd.h		patch \| blob \| blame \| history
source3/smbd/vfs.c		patch \| blob \| blame \| history