CVE-2017-2619: s3: smbd: Remove O_NOFOLLOW guards. We insist on O_NOFOLLOW existing.

author Jeremy Allison <jra@samba.org>

Thu, 15 Dec 2016 20:52:13 +0000 (12:52 -0800)

committer Karolin Seeger <kseeger@samba.org>

Wed, 22 Mar 2017 09:45:17 +0000 (10:45 +0100)
author Jeremy Allison <jra@samba.org>
Thu, 15 Dec 2016 20:52:13 +0000 (12:52 -0800)
committer Karolin Seeger <kseeger@samba.org>
Wed, 22 Mar 2017 09:45:17 +0000 (10:45 +0100)
diff --git a/source3/smbd/open.c b/source3/smbd/open.c

index 1c67684b8bf16ff5980aea5888a46c2bb4e6977a..a014b5e997492f706dba5618cd581e8ea8c7445d 100644 (file)
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -363,8 +363,7 @@ NTSTATUS fd_open(struct connection_struct *conn,
         struct smb_filename *smb_fname = fsp->fsp_name;
         NTSTATUS status = NT_STATUS_OK;
  
-#ifdef O_NOFOLLOW
-       /* 
+       /*
          * Never follow symlinks on a POSIX client. The
          * client should be doing this.
          */
@@ -372,12 +371,10 @@ NTSTATUS fd_open(struct connection_struct *conn,
         if ((fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) || !lp_follow_symlinks(SNUM(conn))) {
                 flags |= O_NOFOLLOW;
         }
-#endif
  
         fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
         if (fsp->fh->fd == -1) {
                 int posix_errno = errno;
-#ifdef O_NOFOLLOW
  #if defined(ENOTSUP) && defined(OSF1)
                 /* handle special Tru64 errno */
                 if (errno == ENOTSUP) {
@@ -394,7 +391,6 @@ NTSTATUS fd_open(struct connection_struct *conn,
                 if (errno == EMLINK) {
                         posix_errno = ELOOP;
                 }
-#endif /* O_NOFOLLOW */
                 status = map_nt_error_from_unix(posix_errno);
                 if (errno == EMFILE) {
                         static time_t last_warned = 0L;
author	Jeremy Allison <jra@samba.org>
	Thu, 15 Dec 2016 20:52:13 +0000 (12:52 -0800)
committer	Karolin Seeger <kseeger@samba.org>
	Wed, 22 Mar 2017 09:45:17 +0000 (10:45 +0100)