[PATCH] Fix crash with MacOSX running against vfs_btrfs.

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH] Fix crash with MacOSX running against vfs_btrfs.

Samba - samba-technical mailing list
Fix from Justin Maggard <[hidden email]>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13003

Can I get a second Team reviewer ?

Jeremy.

0001-s3-vfs-Pass-a-valid-fsp-to-SMB_VFS_GET_COMPRESSION.patch (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [PATCH] Fix crash with MacOSX running against vfs_btrfs.

Samba - samba-technical mailing list
On Thu, Aug 31, 2017 at 04:29:13PM -0700, Jeremy Allison wrote:
> Fix from Justin Maggard <[hidden email]>.
>
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=13003
>
> Can I get a second Team reviewer ?

Ping ! Second reviewer ? Looks a really small well-contained
fix !

Jeremy.

> From b2e2b33865acb3eac2973dea5097bd31151f4b02 Mon Sep 17 00:00:00 2001
> From: Justin Maggard <[hidden email]>
> Date: Wed, 30 Aug 2017 17:36:43 -0700
> Subject: [PATCH] s3: vfs: Pass a valid fsp to SMB_VFS_GET_COMPRESSION
>
> We need to pass a valid fsp to SMB_VFS_GET_COMPRESSION(), or we will
> crash.
>
> If we combine vfs_btrfs with (at least) vfs_catia or vfs_streams_xattr,
> we hit a NULL pointer in vfs_memctx_fsp_extension(). This appears to be
> because vfs_btrfs enables compression support, and when MacOS connects
> it calls dos_mode_check_compressed() which calls SMB_VFS_GET_COMPRESSION
> with a NULL files_struct pointer. This gets passed around until it finally
> gets dereferenced in vfs_memctx_fsp_extension().
>
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=13003
>
> Signed-off-by: Justin Maggard <[hidden email]>
> Reviewed-by: Jeremy Allison <[hidden email]>
> ---
>  source3/smbd/dosmode.c | 15 ++++++++++++++-
>  1 file changed, 14 insertions(+), 1 deletion(-)
>
> diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c
> index 3181f2e78a9..6e0ab1bbda1 100644
> --- a/source3/smbd/dosmode.c
> +++ b/source3/smbd/dosmode.c
> @@ -579,14 +579,27 @@ static NTSTATUS dos_mode_check_compressed(connection_struct *conn,
>  {
>   NTSTATUS status;
>   uint16_t compression_fmt;
> + bool need_close = false;
> + files_struct *fsp = NULL;
>   TALLOC_CTX *tmp_ctx = talloc_new(NULL);
>   if (tmp_ctx == NULL) {
>   status = NT_STATUS_NO_MEMORY;
>   goto err_out;
>   }
>  
> - status = SMB_VFS_GET_COMPRESSION(conn, tmp_ctx, NULL, smb_fname,
> + status = get_file_handle_for_metadata(conn,
> +      smb_fname,
> +      &fsp,
> +      &need_close);
> + if (!NT_STATUS_IS_OK(status)) {
> + goto err_ctx_free;
> + }
> +
> + status = SMB_VFS_GET_COMPRESSION(conn, tmp_ctx, fsp, smb_fname,
>   &compression_fmt);
> + if (need_close) {
> + close_file(NULL, fsp, NORMAL_CLOSE);
> + }
>   if (!NT_STATUS_IS_OK(status)) {
>   goto err_ctx_free;
>   }
> --
> 2.14.1.581.gf28d330327-goog
>


Reply | Threaded
Open this post in threaded view
|

Re: [PATCH] Fix crash with MacOSX running against vfs_btrfs.

Samba - samba-technical mailing list
On Thu, Sep 07, 2017 at 05:47:42PM +0000, Jeremy Allison wrote:
> On Thu, Aug 31, 2017 at 04:29:13PM -0700, Jeremy Allison wrote:
> > Fix from Justin Maggard <[hidden email]>.
> >
> > BUG: https://bugzilla.samba.org/show_bug.cgi?id=13003
> >
> > Can I get a second Team reviewer ?
>
> Ping ! Second reviewer ? Looks a really small well-contained
> fix !

sorry, forgot about this one. +1, please push!

Cheerio!
-slow