From 72ace149f96cf98c2ea68f93306b5b50228f6e65 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Thu, 10 Jun 2021 10:30:17 -0700
Subject: [PATCH] s3: smbd: Protect dos_mode_at_send() from running into a
 symlink.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power<npower@samba.org>
---
 source3/smbd/dosmode.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c
index c4c8be0b722..84ee8994a98 100644
--- a/source3/smbd/dosmode.c
+++ b/source3/smbd/dosmode.c
@@ -817,6 +817,20 @@ struct tevent_req *dos_mode_at_send(TALLOC_CTX *mem_ctx,
 		return tevent_req_post(req, ev);
 	}
 
+	if (smb_fname->fsp == NULL) {
+		/*
+		 * The pathological case where a caller does
+		 * dos_mode_at_send() and smb_fname points at a
+		 * symlink in POSIX context. smb_fname->fsp is NULL.
+		 *
+		 * FIXME ? Should we move to returning
+		 * FILE_ATTRIBUTE_REPARSE_POINT here ?
+		 */
+		state->dosmode = FILE_ATTRIBUTE_NORMAL;
+		tevent_req_done(req);
+		return tevent_req_post(req, ev);
+	}
+
 	subreq = SMB_VFS_GET_DOS_ATTRIBUTES_SEND(state,
 						 ev,
 						 dir_fsp,
-- 
2.47.3