From: Shachar Sharon <ssharon@redhat.com>
Date: Thu, 5 Jun 2025 08:45:00 +0000 (+0300)
Subject: smbd: Fix Coverity ID 1635770: avoid NULL deref of reparse
X-Git-Tag: tevent-0.17.0~31
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=91a3b8494f3176df5f5b97b52f497ff72f21bbe8;p=thirdparty%2Fsamba.git

smbd: Fix Coverity ID 1635770: avoid NULL deref of reparse

Commit 6d71edab5a ("smbd: use fsctl_get_reparse_point() in
smb3_file_posix_information_init()") introduced the local helper
function reparse_buffer_parse_posix_type; when this function enter the
case where 'reparse_tag != IO_REPARSE_TAG_NFS' the local variable
reparse is still NULL, and must not be de-referenced in DBG_INFO print.

Fixes Coverity issue 1635770

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Mon Jun  9 06:26:05 UTC 2025 on atb-devel-224
---

diff --git a/source3/smbd/smb2_posix.c b/source3/smbd/smb2_posix.c
index 8797b266260..d2313696dd6 100644
--- a/source3/smbd/smb2_posix.c
+++ b/source3/smbd/smb2_posix.c
@@ -44,7 +44,7 @@ static NTSTATUS reparse_buffer_parse_posix_type(uint32_t reparse_tag,
 		 * anything that is not a NFS one (or symlink) as S_IFREG.
 		 */
 		DBG_INFO("Unhandled NFS reparse tag: 0x%" PRIx32 "\n",
-			 reparse->tag);
+			 reparse_tag);
 		*type = S_IFREG;
 		return NT_STATUS_OK;
 	}