diff options
author | Jeremy Allison <jra@samba.org> | 2004-08-31 22:52:05 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:52:33 -0500 |
commit | 3f9bc7fe07364af205741efcbfd3295fc4b81b46 (patch) | |
tree | d4cfc715aa130322ec87958897cb8fe1be9cc248 | |
parent | e197fb368afd2e22d8a481b0d1adfbb74093ef06 (diff) | |
download | samba-3f9bc7fe07364af205741efcbfd3295fc4b81b46.tar.gz samba-3f9bc7fe07364af205741efcbfd3295fc4b81b46.tar.bz2 samba-3f9bc7fe07364af205741efcbfd3295fc4b81b46.zip |
r2152: Fix for bug #1674, move the symlinks checks into reduce_name().
Jeremy.
(This used to be commit 341771857fecf9ef72a436c42e0571d486fa0dde)
-rw-r--r-- | source3/smbd/filename.c | 18 | ||||
-rw-r--r-- | source3/smbd/vfs.c | 42 |
2 files changed, 20 insertions, 40 deletions
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index e12cfb1388..279c9dd3c4 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -414,26 +414,10 @@ BOOL check_name(pstring name,connection_struct *conn) } } - if (!lp_widelinks(SNUM(conn))) { + if (!lp_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) { ret = reduce_name(conn,name); } - /* Check if we are allowing users to follow symlinks */ - /* Patch from David Clerc <David.Clerc@cui.unige.ch> - University of Geneva */ - -#ifdef S_ISLNK - if (!lp_symlinks(SNUM(conn))) { - SMB_STRUCT_STAT statbuf; - if ( (SMB_VFS_LSTAT(conn,name,&statbuf) != -1) && - (S_ISLNK(statbuf.st_mode)) ) { - DEBUG(3,("check_name: denied: file path name %s is a symlink\n",name)); - errno = EACCES; - ret = False; - } - } -#endif - if (!ret) { DEBUG(5,("check_name on %s failed\n",name)); } diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index a47f040f6a..0328558fe8 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -909,7 +909,8 @@ BOOL reduce_name(connection_struct *conn, const pstring fname) return False; } - if (strncmp(conn->connectpath, resolved_name, con_path_len) != 0) { + /* Check for widelinks allowed. */ + if (!lp_widelinks(SNUM(conn)) && (strncmp(conn->connectpath, resolved_name, con_path_len) != 0)) { DEBUG(2, ("reduce_name: Bad access attempt: %s is a symlink outside the share path", fname)); if (free_resolved_name) SAFE_FREE(resolved_name); @@ -917,28 +918,23 @@ BOOL reduce_name(connection_struct *conn, const pstring fname) return False; } - /* Move path the connect path to the last part of the filename. */ - p = resolved_name + con_path_len; - if (*p == '/') { - p++; - } - - if (!*p) { - if (fname[0] == '.' && fname[1] == '/' && fname[2] == '\0') { - pstrcpy(resolved_name, "./"); - } else { - pstrcpy(resolved_name, "."); - } - p = resolved_name; - } - - if (!lp_symlinks(SNUM(conn)) && (strcmp(fname, p)!=0)) { - DEBUG(3,("reduce_name: denied: file path name %s is a symlink\n",fname)); - if (free_resolved_name) - SAFE_FREE(resolved_name); - errno = EACCES; - return False; - } + /* Check if we are allowing users to follow symlinks */ + /* Patch from David Clerc <David.Clerc@cui.unige.ch> + University of Geneva */ + +#ifdef S_ISLNK + if (!lp_symlinks(SNUM(conn))) { + SMB_STRUCT_STAT statbuf; + if ( (SMB_VFS_LSTAT(conn,fname,&statbuf) != -1) && + (S_ISLNK(statbuf.st_mode)) ) { + if (free_resolved_name) + SAFE_FREE(resolved_name); + DEBUG(3,("reduce_name: denied: file path name %s is a symlink\n",resolved_name)); + errno = EACCES; + return False; + } + } +#endif DEBUG(3,("reduce_name: %s reduced to %s\n", fname, p)); if (free_resolved_name) |