"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:1244: var_decl: Declaring variable ""wins_name1"" without initializer.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:4835: assign: Assigning: ""wins_name_r1"" = ""&wins_name1"", which points to uninitialized data.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:4905: uninit_use_in_call: Using uninitialized value ""*wins_name_r1"". Field ""wins_name_r1->is_group"" is uninitialized when calling ""test_wrepl_update_one"".
4903|
4904| /* now apply R1 */
4905|-> ret &= test_wrepl_update_one(tctx, ctx, records[i].r1.owner, wins_name_r1);
4906| ret &= test_wrepl_is_applied(tctx, ctx, records[i].r1.owner,
4907| wins_name_r1, records[i].r1.apply_expected);"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 28 12:44:31 UTC 2024 on atb-devel-224
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/examples/libsmbclient/testacl3.c:15: var_decl: Declaring variable ""value"" without initializer.
samba-4.20.0rc2/examples/libsmbclient/testacl3.c:55: uninit_use_in_call: Using uninitialized value ""*value"" as argument to ""%s"" when calling ""printf"". [Note: The source code implementation of the function has been overridden by a builtin model.]
53| }
54|
55|-> printf(""Attributes for [%s] are:\n%s\n"", path, value);
56| }
57|"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Noel Power <npower@samba.org>
s3:rpc_client: Check for array size instead of UINT16_MAX
mdscli_ctx->mdscmd_open.share_path is an array of size 1025. The
boundary is 1025 and not UINT16_MAX.
"Error: OVERRUN (CWE-119):
samba-4.20.0rc2/source3/rpc_client/cli_mdssvc.c:127: cond_at_least: Checking ""share_path_len < 1UL"" implies that ""share_path_len"" is at least 1 on the false branch.
samba-4.20.0rc2/source3/rpc_client/cli_mdssvc.c:127: cond_between: Checking ""share_path_len > 65535UL"" implies that ""share_path_len"" is between 1 and 65535 (inclusive) on the false branch.
samba-4.20.0rc2/source3/rpc_client/cli_mdssvc.c:133: overrun-local: Overrunning array ""mdscli_ctx->mdscmd_open.share_path"" of 1025 bytes at byte offset 65534 using index ""share_path_len - 1UL"" (which evaluates to 65534).
131| mdscli_ctx->mdscmd_open.share_path_len = share_path_len;
132|
133|-> if (mdscli_ctx->mdscmd_open.share_path[share_path_len-1] == '/') {
134| mdscli_ctx->mdscmd_open.share_path[share_path_len-1] = '\0';
135| mdscli_ctx->mdscmd_open.share_path_len--;"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Noel Power [Thu, 27 Jun 2024 08:02:04 +0000 (09:02 +0100)]
doc: Update codeing guidelines for struct initialisation
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Fri Jun 28 10:17:14 UTC 2024 on atb-devel-224
Volker Lendecke [Fri, 29 Dec 2023 15:54:56 +0000 (16:54 +0100)]
smbd: Fix crossing automounter mount points
We get ENOENT on /proc/self/fd/<fdnum> when we try to turn the
mountpoint's O_PATH handle into a real one. This does not trigger a
mount attempt, you have to use name-based calls.
This is not the real fix, because if the autofs mount triggers, the
inode number will change. For directories this is not a huge problem
as we don't touch the share mode database before we open the "real"
fd. We would only violate potential share modes with other pure
READ_ATTRIBUTES (i.e. stat-) opens that came before the mount
trigger.
As I don't think share modes on directories are really relevant, I
think we can live with this "fix". Once we do directory leases this
will potentially change.
As a quick remedy we could use our defer_open() mechanism that starts
path processing from scratch. But as long as this seems not really
required, we should not add users of this really bad way of going back
to square 1.
The "real" fix would be to go back to the point where we open the last
component with openat(). In the retry round we need to do this without
O_PATH to trigger the mount and only then do the initial fstat.
Right now I don't see an easy way to properly test this
behaviour. Intercepting with vfs_error_inject is certainly possible,
but nailing the exact call would clutter the main code path. So I have
just tested this manually.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Jun 27 11:59:05 UTC 2024 on atb-devel-224
Shachar Sharon [Tue, 28 May 2024 09:36:14 +0000 (12:36 +0300)]
vfs_ceph: use consistent code style when setting errno
When setting explicit value to 'errno' use same coding-style as used in
this entire module (spaces before and after assignment operator).
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Thu Jun 27 06:35:19 UTC 2024 on atb-devel-224
Shachar Sharon [Thu, 30 May 2024 08:02:37 +0000 (11:02 +0300)]
vfs_ceph: explicit cast to uint64_t upon failure of ceph_statfs
When a call to 'ceph_statfs' from with 'cephwrap_disk_free' returns
non-zero status do an explicit cast to uint64_t for the negative (-1)
value returned by 'status_code'.
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Shachar Sharon [Mon, 27 May 2024 09:30:44 +0000 (12:30 +0300)]
vfs_ceph: adjust code-style of cephwrap_disk_free
The common convention in 'vfs_ceph.c' module is to bailout (by return or
goto) whenever the return value from libcephfs call is not OK. Apply
this code-style to cephwrap_disk_free hook.
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Shachar Sharon [Thu, 23 May 2024 14:15:40 +0000 (17:15 +0300)]
vfs_ceph: replace WRAP_RETURN macro with convenience helpers
The WRAP_RETURN is a non-hygienic macro, and as such has the potential
of creating bogus code (e.g. 'return WRAP_RETURN(ret);' which existed
in the code in the past but did not yield any compiler warning). Prefer
simple convenience helper functions instead, which are also type safe.
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Shachar Sharon [Wed, 22 May 2024 13:28:32 +0000 (16:28 +0300)]
vfs_ceph: use talloc in realpath hook
Prefer talloc_asprintf over asprintf when resolving realpath.
Re-format code using 'git clang-format'.
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Shachar Sharon [Wed, 22 May 2024 13:11:57 +0000 (16:11 +0300)]
vfs_ceph: re-map unimplemented hooks
Code cleanup: prefer standard convenience helpers for unimplemented
VFS hooks.
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Shachar Sharon [Sun, 26 May 2024 13:24:06 +0000 (16:24 +0300)]
vfs_ceph: align lines-length with coding standard
Coding standard requires following Linux kernel style guide, with an
explicit statement that "Maximum Line Width is 80 Characters". Align
vfs_ceph.c with this convention: split long lines into multiple lines
and use 'git clang-format' to do auto-formatting based on Samba project
'.clang-format' settings.
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Shachar Sharon [Thu, 30 May 2024 07:27:35 +0000 (10:27 +0300)]
vfs_ceph: improve readability of cephwrap_realpath
Minor code cleanup: use local variable to reference current-work dir.
This commit is in preparation to following code-cleanup which aligns
line-length with Samba's coding conventions.
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Oliver Mihatsch [Thu, 13 Jun 2024 10:16:05 +0000 (12:16 +0200)]
Extended the documentation for the "tls certfile" parameter in the smb.conf.
Signed-off-by: Oliver Mihatsch <om-git@q4k.de> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Jun 27 05:33:17 UTC 2024 on atb-devel-224
rpc.statd is single-threaded and runs its HA callout synchronously. If
it is too slow then latency accumulates and rpc.statd's backlog grows.
Running a pair of add-client/del-client events with the current code
averages ~0.030s in my test environment. This mean that 1000 clients
reclaiming locks after failover can easily cause 10s of latency. This
could cause rpc.statd to become unresponsive, resulting in a time out
for an rpcinfo-based health check of the status service.
Split the add-client/del-client events out to a standalone
statd_callout executable, written in C, to be used as the HA callout
for rpc.statd. All other functions move to statd_callout_helper.
Now, running a pair of add-client/del-client events in my test
environment averages only ~0.002s. This seems less likely to cause
latency problems.
The standalone statd_callout executable needs to read a configuration
file, which is generated by statd_callout_helper from the "startup"
event. It also needs access to a list of currently assigned public
IPs.
For backward compatibility, during installation a symlink is created
from $CTDB_BASE/statd-callout to the new statd_callout, which is
installed in the helper directory.
Testing this as part of the eventscript unit tests starts to become
even more of a hack than it used to be. However, the dependency on
stubs and the corresponding setup of fake state makes it hard to move
this elsewhere.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Jun 25 04:24:57 UTC 2024 on atb-devel-224
Martin Schwenke [Mon, 4 Mar 2024 03:29:41 +0000 (14:29 +1100)]
ctdb-doc: Drop unnecessary, broken attempt at rpc.statd stack trace
There is a typo here, since there will be no process called "status".
Instead of fixing it, drop this because rpc.statd isn't the focus of
this monitoring check and when systemd is init rpc.statd isn't
restarted with nfs-ganesha. It stays running, so a confusing stack
trace for rpc.statd is always logged.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 4 Mar 2024 03:28:11 +0000 (14:28 +1100)]
ctdb-doc: Add example for NFS-Ganesha RPC checking
This one does an rpcinfo check, along with statistics mitigation. It
can be used in combination with the existing 20.nfs_ganesha.check.
The equivalent kernel NFS file only restarts every 10 failures. This
one can be a little more proactive given that false positives are less
likely with the statistics mitigation.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 4 Mar 2024 02:52:10 +0000 (13:52 +1100)]
ctdb-scripts: Implement NFS statistics retrieval for NFS-Ganesha
Simplicity is preferred here over absolute correctness. If the
ganesha_stats command exits with an error or times out then no output
is produced so, implicitly, the statistics do not change. Also, the
statistics always change at startup. However, it is likely that the
statistics change when NFS makes progress and do not change when NFS
does not make progress.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 19 Feb 2024 10:42:11 +0000 (21:42 +1100)]
ctdb-scripts: Add service_stats_command variable to NFS checks
When monitoring an RPC service, the rpcinfo command might time out
even though the service is making progress. In this case, it is just
slow, so counting the timeout as a failure and potentially restarting
the service will not help. The problem is determining if a service is
making progress.
Add a new NFS checks service_stats_command. This command is intended
to run a statistics command. The output is naively compared using
cmp(1). If the output changes then rpcinfo failures are converted to
successes.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Volker Lendecke [Thu, 20 Jun 2024 18:25:24 +0000 (20:25 +0200)]
smbd: Simplify callers of notify_filter_string
This is exactly the application talloc_tos() was made for
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 24 17:27:04 UTC 2024 on atb-devel-224
"Error: SHELLCHECK_WARNING (CWE-569):
/usr/bin/smbprint:49:21: warning[SC1083]: This } is literal. Check expression (missing ;/\n?) or quote it.
47| # Concat this with /.config to get the config file.
48| #
49|-> eval acct_file=\${$#}
50| spool_dir=$(dirname $acct_file)
51| config_file=$spool_dir/.config"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jun 24 07:14:54 UTC 2024 on atb-devel-224
"Error: INTEGER_OVERFLOW (CWE-190):
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:403: tainted_data_argument: The check ""i < new_len"" contains the tainted expression ""i"" which causes ""new_len"" to be considered tainted.
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:407: overflow: The expression ""new_len - i"" is deemed underflowed because at least one of its arguments has underflowed.
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:407: overflow: The expression ""(new_len - i) * 8UL"" is deemed underflowed because at least one of its arguments has underflowed.
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:407: overflow_sink: ""(new_len - i) * 8UL"", which might have underflowed, is passed to ""memmove(val1, val2, (new_len - i) * 8UL)"". [Note: The source code implementation of the function has been overridden by a builtin model.]
405| const char **val2 = &attr_list[i];
406| if (ldb_attr_cmp(*val1, *val2) == 0) {
407|-> memmove(val1, val2, (new_len - i) * sizeof( *attr_list));
408| attr_list[new_len-1] = NULL;
409| new_len--;"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
"Error: INTEGER_OVERFLOW (CWE-190):
samba-4.20.0rc2/source3/utils/regedit_list.c:522: tainted_data_return: Called function ""get_window_height(list)"", and a possible return value may be less than zero.
samba-4.20.0rc2/source3/utils/regedit_list.c:522: cast_underflow: An assign of a possibly negative number to an unsigned type, which might trigger an underflow.
samba-4.20.0rc2/source3/utils/regedit_list.c:526: overflow: The expression ""list->cursor_row -= page"" is deemed underflowed because at least one of its arguments has underflowed.
samba-4.20.0rc2/source3/utils/regedit_list.c:529: overflow_sink: ""list->cursor_row"", which might have underflowed, is passed to ""data_get_row_n(list, list->cursor_row)"".
527| list->start_row -= page;
528| }
529|-> tmp = data_get_row_n(list, list->cursor_row);
530| break;
531| case ML_CURSOR_PGDN:"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
s3:rpc_server: Make sure struct security_ace is initialized
Found by Covscan.
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/rpc_server/samr/srv_samr_nt.c:235: var_decl: Declaring variable ""ace"" without initializer.
samba-4.20.0rc2/source3/rpc_server/samr/srv_samr_nt.c:269: uninit_use_in_call: Using uninitialized value ""*ace"". Field ""ace->object"" is uninitialized when calling ""make_sec_acl"".
267| /* create the security descriptor */
268|
269|-> if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL)
270| return NT_STATUS_NO_MEMORY;
271|"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jun 19 10:17:28 UTC 2024 on atb-devel-224
vfs_default: also call vfs_offload_token_ctx_init in vfswrap_offload_write_send
If a client for whatever reason calls FSCTL_SRV_COPYCHUNK[_WRITE] without
FSCTL_SRV_REQUEST_RESUME_KEY, we call vfswrap_offload_write_send
before vfswrap_offload_read_send.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jun 17 18:02:27 UTC 2024 on atb-devel-224
ctdb/docs: Include ceph rados namespace support in man page
Document the new optional argument to specify the namespace to be
associated with RADOS objects in a pool.
Pair-Programmed-With: Anoop C S <anoopcs@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Jun 14 07:42:25 UTC 2024 on atb-devel-224
ctdb/ceph: Add optional namespace support for mutex helper
RADOS objects within a pool can be associated to a namespace for
logical separation. librados already provides an API to configure
such a namespace with respect to a context. Make use of it as an
optional argument to the helper binary.
Pair-Programmed-With: Anoop C S <anoopcs@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
projects / thirdparty / samba.git / log
