vfs: Only call openat for valid params in fake_acls_stat

openat(-1, "relative path", ..) is invalid. I've tried to also tighten
this down to just relative paths (i.e. base_name[0] != '/'), but
non_widelink_open makes modifications further down that make this more
difficult.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

diff --git a/source3/modules/vfs_fake_acls.c b/source3/modules/vfs_fake_acls.c
index 69cae8ce21dd4b84876d24fa096771d9c137d713..d2b969765821c372a621b1f5797c7334f0f88fd8 100644 (file)
--- a/source3/modules/vfs_fake_acls.c
+++ b/source3/modules/vfs_fake_acls.c
@@ -126,12 +126,20 @@ static int fake_acls_stat(vfs_handle_struct *handle,
                        return -1;
                }
 
-               /* Recursion guard. */
-               prd->calling_pathref_fsp = true;
-               status = openat_pathref_fsp(handle->conn->cwd_fsp,
-                                           smb_fname_cp);
-               /* End recursion guard. */
-               prd->calling_pathref_fsp = false;
+               if (fsp_get_pathref_fd(handle->conn->cwd_fsp) == -1) {
+                       /*
+                        * No tcon around, fail as if we don't have
+                        * the EAs
+                        */
+                       status = NT_STATUS_INVALID_HANDLE;
+               } else {
+                       /* Recursion guard. */
+                       prd->calling_pathref_fsp = true;
+                       status = openat_pathref_fsp(handle->conn->cwd_fsp,
+                                                   smb_fname_cp);
+                       /* End recursion guard. */
+                       prd->calling_pathref_fsp = false;
+               }
 
                if (!NT_STATUS_IS_OK(status)) {
                        /*