]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
mdssvc: fix Spotlight queries restricted to subdirectories with NFD paths gitlab/master
authorPriyanka Soni <priysoni@redhat.com>
Thu, 4 Jun 2026 13:48:41 +0000 (19:18 +0530)
committerGünther Deschner <gd@samba.org>
Tue, 14 Jul 2026 14:22:46 +0000 (14:22 +0000)
Ensure directory scopes match by aligning Unicode normalization forms.
This fixes the case when the macOS client restricts the search to
a subdirectory. macOS clients transmit paths using NFD, which can
cause lookups to fail against NFC systems used by Samba and Elasticsearch.

This commit also includes a bug fix by Ralph Boehme <slow@samba.org> to resolve a
null-termination issue of the NFD converted path in add_filemeta().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15379

Signed-off-by: Priyanka Soni <priysoni@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jul 14 14:22:46 UTC 2026 on atb-devel-224

source3/rpc_server/mdssvc/mdssvc.c
source3/rpc_server/mdssvc/mdssvc_es.c

index fd7c7495248af5e85ff260fb8693b4b60bb90221..760465f542c7454dfc91f87ef7f942ad449cb7d3 100644 (file)
@@ -131,13 +131,13 @@ static bool add_filemeta(struct mds_ctx *mds_ctx,
         * Simple heuristic, strlen by two should give enough room for NFC to
         * NFD conversion.
         */
-       nfd_buf_size = nfc_len * 2;
+       nfd_buf_size = nfc_len * 2 + 1;
        nfd_path = talloc_array(meta, char, nfd_buf_size);
        if (nfd_path == NULL) {
                return false;
        }
        dest = nfd_path;
-       dest_remaining = talloc_array_length(dest);
+       dest_remaining = talloc_array_length(dest) - 1;
 
        nconv = smb_iconv(mds_ctx->ic_nfc_to_nfd,
                          &nfc_path,
@@ -147,6 +147,7 @@ static bool add_filemeta(struct mds_ctx *mds_ctx,
        if (nconv == (size_t)-1) {
                return false;
        }
+       *dest = '\0';
 
        for (i = 0; i < metacount; i++) {
                attribute = dalloc_get_object(reqinfo, i);
index 59f91271e59b07895cb7ebdedce5978605fa8ae5..52afc34335fa783307f740a27bf386c9f68cc433 100644 (file)
@@ -603,6 +603,11 @@ static struct tevent_req *mds_es_search_send(TALLOC_CTX *mem_ctx,
        char *elastic_query_len_str = NULL;
        char *hostname = NULL;
        bool pretty = false;
+       const char *nfd_path = NULL;
+       char nfc_buf[PATH_MAX] = {};
+       char *nfc_path = nfc_buf;
+       size_t nfd_len, nfc_remaining;
+       size_t nconv;
 
        req = tevent_req_create(mem_ctx, &state, struct mds_es_search_state);
        if (req == NULL) {
@@ -637,6 +642,27 @@ static struct tevent_req *mds_es_search_send(TALLOC_CTX *mem_ctx,
                return tevent_req_post(req, ev);
        }
 
+       nfd_path = s->slq->path_scope;
+       nfc_remaining = sizeof(nfc_buf);
+       nfd_len = strlen(nfd_path);
+       nconv = smb_iconv(s->mds_es_ctx->mds_ctx->ic_nfd_to_nfc,
+                         &nfd_path,
+                         &nfd_len,
+                         &nfc_path,
+                         &nfc_remaining);
+       if (nconv == (size_t)-1) {
+               DBG_ERR("smb_iconv NFD to NFC failed for: %s\n",
+                         s->slq->path_scope);
+               tevent_req_error(req, EIO);
+               return tevent_req_post(req, ev);
+       }
+       *nfc_path = '\0';
+       s->slq->path_scope = talloc_strdup(s->slq, nfc_buf);
+       if (tevent_req_nomem(s->slq->path_scope, req)) {
+               return tevent_req_post(req, ev);
+       }
+       DBG_DEBUG("Converted path_scope to NFC: %s\n", s->slq->path_scope);
+
        elastic_query = talloc_asprintf(
                state,
                MDSSVC_ELASTIC_QUERY_TEMPLATE,