diff options
| author | Jeremy Allison <jra@samba.org> | 2016-01-05 11:24:36 -0800 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2016-02-24 11:40:01 +0100 |
| commit | 2907193961139c5398c95815aaa4c501af35a507 (patch) | |
| tree | 142981c6567edff31b48599c9302f04f79e76456 | |
| parent | 0be03f1b14f8da5d6657f660c5c4853fe3dfc0c5 (diff) | |
| download | samba-2907193961139c5398c95815aaa4c501af35a507.tar.gz | |
CVE-2015-7560: s3: smbd: Refuse to get a POSIX ACL on a symlink.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11648
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
| -rw-r--r-- | source3/smbd/trans2.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index f107a4d0304..a971e1427a3 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -5279,6 +5279,13 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, uint16_t num_file_acls = 0; uint16_t num_def_acls = 0; + status = refuse_symlink(conn, + fsp, + smb_fname->base_name); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + if (fsp && fsp->fh->fd != -1) { file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos()); |