Fix Coverity IDs 922 and 933

In copy_internals(), if the !CAN_WRITE(conn) kicks in, we end up
dereferencing a NULL smb_filename.

This adds a simple protection around it.

Tim, please check!

Volker

2 files changed, 6 insertions, 3 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 74406fdeac..ffd2858594 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -6372,7 +6372,7 @@ NTSTATUS create_synthetic_smb_fname_split(TALLOC_CTX *ctx,
 					  const char *fname,
 					  SMB_STRUCT_STAT *psbuf,
 					  struct smb_filename **smb_fname_out);
-char *smb_fname_str_dbg(const struct smb_filename *smb_fname);
+const char *smb_fname_str_dbg(const struct smb_filename *smb_fname);
 NTSTATUS copy_smb_filename(TALLOC_CTX *ctx,
 			   const struct smb_filename *smb_fname_in,
 			   struct smb_filename **smb_fname_out);
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index e1e54549f7..9854407a70 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -164,14 +164,17 @@ NTSTATUS create_synthetic_smb_fname_split(TALLOC_CTX *ctx,
 /**
  * Return a string using the debug_ctx()
  */
-char *smb_fname_str_dbg(const struct smb_filename *smb_fname)
+const char *smb_fname_str_dbg(const struct smb_filename *smb_fname)
 {
 	char *fname = NULL;
 	NTSTATUS status;
 
+	if (smb_fname == NULL) {
+		return "";
+	}
 	status = get_full_smb_filename(debug_ctx(), smb_fname, &fname);
 	if (!NT_STATUS_IS_OK(status)) {
-		fname = talloc_strdup(debug_ctx(), "");
+		return "";
 	}
 	return fname;
 }