From da1103dbdc9d9901ff1e95d6a0d81db53c6ebcec Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow@samba.org>
Date: Fri, 19 Jun 2020 12:31:23 +0200
Subject: [PATCH] smbd: build smb_fname per file to delete in
 unlink_internals()

Make sure to pass fresh smb_fname's to do_unlink(). Needed for path-ref fsps in
the future.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jul 18 07:21:11 UTC 2020 on sn-devel-184
---
 source3/smbd/reply.c | 36 +++++++++++++++++++++++-------------
 1 file changed, 23 insertions(+), 13 deletions(-)

diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index f911fc006a3..252b9556c3f 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -3473,6 +3473,8 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
 		while ((dname = ReadDirName(dir_hnd, &offset,
 					    &smb_fname->st, &talloced))) {
 			TALLOC_CTX *frame = talloc_stackframe();
+			char *p = NULL;
+			struct smb_filename *f = NULL;
 
 			if (!is_visible_file(conn,
 					dir_hnd,
@@ -3498,19 +3500,27 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
 				continue;
 			}
 
-			TALLOC_FREE(smb_fname->base_name);
 			if (ISDOT(fname_dir)) {
 				/* Ensure we use canonical names on open. */
-				smb_fname->base_name =
-					talloc_asprintf(smb_fname, "%s",
-						dname);
+				p = talloc_asprintf(smb_fname, "%s", dname);
 			} else {
-				smb_fname->base_name =
-					talloc_asprintf(smb_fname, "%s/%s",
-						fname_dir, dname);
+				p = talloc_asprintf(smb_fname, "%s/%s",
+						    fname_dir, dname);
 			}
-
-			if (!smb_fname->base_name) {
+			if (p == NULL) {
+				TALLOC_FREE(dir_hnd);
+				status = NT_STATUS_NO_MEMORY;
+				TALLOC_FREE(frame);
+				TALLOC_FREE(talloced);
+				goto out;
+			}
+			f = synthetic_smb_fname(frame,
+						p,
+						NULL,
+						&smb_fname->st,
+						smb_fname->flags,
+						smb_fname->twrp);
+			if (f == NULL) {
 				TALLOC_FREE(dir_hnd);
 				status = NT_STATUS_NO_MEMORY;
 				TALLOC_FREE(frame);
@@ -3518,7 +3528,7 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
 				goto out;
 			}
 
-			status = check_name(conn, smb_fname);
+			status = check_name(conn, f);
 			if (!NT_STATUS_IS_OK(status)) {
 				TALLOC_FREE(dir_hnd);
 				TALLOC_FREE(frame);
@@ -3526,7 +3536,7 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
 				goto out;
 			}
 
-			status = do_unlink(conn, req, smb_fname, dirtype);
+			status = do_unlink(conn, req, f, dirtype);
 			if (!NT_STATUS_IS_OK(status)) {
 				TALLOC_FREE(dir_hnd);
 				TALLOC_FREE(frame);
@@ -3535,8 +3545,8 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
 			}
 
 			count++;
-			DEBUG(3,("unlink_internals: successful unlink [%s]\n",
-				 smb_fname->base_name));
+			DBG_DEBUG("successful unlink [%s]\n",
+				  smb_fname_str_dbg(f));
 
 			TALLOC_FREE(frame);
 			TALLOC_FREE(talloced);
-- 
2.47.3