From 263c95aee38c9198ad9a30c4d960d72f46b7c27a Mon Sep 17 00:00:00 2001
From: Jeremy Allison
Date: Tue, 15 Jun 2021 15:42:33 -0700
Subject: [PATCH] s3: smbd: Fix smbd crash on dangling symlink with posix connection calling several non-posix info levels. Tidy up fsp == NULL checks. Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14742
Signed-off-by: Jeremy Allison
Reviewed-by: Noel Power
Autobuild-User(master): Noel Power
Autobuild-Date(master): Wed Jun 16 11:58:00 UTC 2021 on sn-devel-184
---
 selftest/knownfail.d/setpathsymlink | 2 --
 source3/smbd/trans2.c | 14 +++++++++++++-
 2 files changed, 13 insertions(+), 3 deletions(-)
 delete mode 100644 selftest/knownfail.d/setpathsymlink
diff --git a/selftest/knownfail.d/setpathsymlink b/selftest/knownfail.d/setpathsymlink
deleted file mode 100644
index 9d7ded388c2..00000000000
--- a/selftest/knownfail.d/setpathsymlink
+++ /dev/null
@@ -1,2 +0,0 @@
-^samba3.smbtorture_s3.crypt.POSIX-SYMLINK-SETPATHINFO.smbtorture\(nt4_dc_smb1\)
-^samba3.smbtorture_s3.plain.POSIX-SYMLINK-SETPATHINFO.smbtorture\(nt4_dc_smb1\)
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index d6a1ea81ce0..23c13da4c58 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -744,6 +744,10 @@ NTSTATUS set_ea(connection_struct *conn, files_struct *fsp,
 return NT_STATUS_EAS_NOT_SUPPORTED;
 }
+ if (fsp == NULL) {
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
 posix_pathnames = (fsp->fsp_name->flags & SMB_FILENAME_POSIX_PATH);
 status = refuse_symlink_fsp(fsp);
@@ -6862,7 +6866,7 @@ static NTSTATUS smb_set_file_full_ea_info(connection_struct *conn,
 struct ea_list *ea_list = NULL;
 NTSTATUS status;
- if (!fsp) {
+ if (fsp == NULL) {
 return NT_STATUS_INVALID_HANDLE;
 }
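Review bot: The new `fsp == NULL` guard in set_ea has no comment saying when a NULL fsp can legitimately arrive, yet the very next context line dereferences `fsp->fsp_name`, so this check is the only thing between a client request and a NULL dereference in smbd. Going by the commit message, the case is a pathname-based set-info on a dangling symlink over a POSIX connection using a non-POSIX info level; a comment such as `/* fsp is NULL for a pathname call on a dangling symlink: refuse, do not dereference. */` above the check would stop a later cleanup from treating it as dead code. The same comment is worth adding to the identical guards in smb_set_file_basic_info and smb_set_info_standard. set_ea starts and ends outside this hunk, so whether anything earlier in the function already touches fsp cannot be confirmed from here.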
@@ -7887,6 +7891,10 @@ static NTSTATUS smb_set_file_basic_info(connection_struct *conn,
 return NT_STATUS_INVALID_PARAMETER;
 }
+ if (fsp == NULL) {
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
 status = check_access_fsp(fsp, FILE_WRITE_ATTRIBUTES);
 if (!NT_STATUS_IS_OK(status)) {
 return status;
@@ -7944,6 +7952,10 @@ static NTSTATUS smb_set_info_standard(connection_struct *conn,
 return NT_STATUS_INVALID_PARAMETER;
 }
+ if (fsp == NULL) {
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
 /* create time */
 ft.create_time = time_t_to_full_timespec(srv_make_unix_date2(pdata));
 /* access time */
-- 
2.47.3
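Review bot: In smb_set_file_basic_info and smb_set_info_standard the `fsp == NULL` guard sits after a block that returns NT_STATUS_INVALID_PARAMETER, whereas smb_set_file_full_ea_info tests fsp immediately after its declarations. A request with both a NULL fsp and bad data therefore gets a different status depending on which info level it used. Since the commit is tidying these checks, placing `if (fsp == NULL) { return NT_STATUS_INVALID_HANDLE; }` first in each handler would make the handle precondition uniform and easy to audit. Both functions begin outside their hunks, so the earlier check is presumably a length validation that does not touch fsp; confirm that before moving the guard.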