]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c54bec2)
s3: smbd: Fix fsp/fd leak when looking up a non-existent stream name on a file.
authorJeremy Allison <jra@samba.org>
Tue, 28 Feb 2023 19:20:12 +0000 (11:20 -0800)
committerRalph Boehme <slow@samba.org>
Fri, 3 Mar 2023 16:37:27 +0000 (16:37 +0000)
When open_stream_pathref_fsp() returns
NT_STATUS_OBJECT_NAME_NOT_FOUND, smb_fname_rel->fsp
has been set to NULL, so we must free base_fsp separately
to prevent fd-leaks when opening a stream that doesn't
exist.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15314

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Mar  3 16:37:27 UTC 2023 on atb-devel-224

selftest/knownfail.d/stream_rename [deleted file] patch | blob | blame | history
source3/smbd/filename.c patch | blob | blame | history

diff --git a/selftest/knownfail.d/stream_rename b/selftest/knownfail.d/stream_rename
deleted file mode 100644 (file)
index 2dccb82..0000000
--- a/selftest/knownfail.d/stream_rename
+++ /dev/null
@@ -1 +0,0 @@
-^samba3.blackbox.stream_dir_rename.stream_rename\(fileserver\)
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index e9775387d113a13ecd29aca081f6d871c36af336..78f552de9b244ae768ec91514a1d1d8cddd7b1e7 100644 (file)
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -1386,6 +1386,16 @@ static NTSTATUS filename_convert_dirfsp_nosymlink(
                        status = NT_STATUS_NO_MEMORY;
                        goto fail;
                }
+               /*
+                * When open_stream_pathref_fsp() returns
+                * NT_STATUS_OBJECT_NAME_NOT_FOUND, smb_fname_rel->fsp
+                * has been set to NULL, so we must free base_fsp separately
+                * to prevent fd-leaks when opening a stream that doesn't
+                * exist.
+                */
+               fd_close(base_fsp);
+               file_free(NULL, base_fsp);
+               base_fsp = NULL;
                goto done;
        }
 
@@ -1402,6 +1412,17 @@ done:
        return NT_STATUS_OK;
 
 fail:
+       /*
+        * If open_stream_pathref_fsp() returns an error, smb_fname_rel->fsp
+        * has been set to NULL, so we must free base_fsp separately
+        * to prevent fd-leaks when opening a stream that doesn't
+        * exist.
+        */
+       if (base_fsp != NULL) {
+               fd_close(base_fsp);
+               file_free(NULL, base_fsp);
+               base_fsp = NULL;
+       }
        TALLOC_FREE(dirname);
        TALLOC_FREE(smb_dirname);
        TALLOC_FREE(smb_fname_rel);
Mirror of https://github.com/samba-team/samba.git