diff options
| author | Jeremy Allison <jra@samba.org> | 2016-01-05 11:29:38 -0800 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2016-02-24 11:38:53 +0100 |
| commit | 63a27a313a44ff8f3a37dcb695ad437fb847dfa0 (patch) | |
| tree | d4a79fcb5d5b348c3740299b196bca9723154d87 | |
| parent | 39aaef0dcb14d3d2299021c66cacfac51cddf7fd (diff) | |
| download | samba-63a27a313a44ff8f3a37dcb695ad437fb847dfa0.tar.gz | |
CVE-2015-7560: s3: smbd: Silently return no EA's available on a symlink.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11648
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
| -rw-r--r-- | source3/smbd/trans2.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 3d16d6e3d39..04a13c48c24 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -236,6 +236,7 @@ NTSTATUS get_ea_names_from_file(TALLOC_CTX *mem_ctx, connection_struct *conn, char **names, **tmp; size_t num_names; ssize_t sizeret = -1; + NTSTATUS status; if (pnames) { *pnames = NULL; @@ -246,6 +247,14 @@ NTSTATUS get_ea_names_from_file(TALLOC_CTX *mem_ctx, connection_struct *conn, return NT_STATUS_OK; } + status = refuse_symlink(conn, fsp, fname); + if (!NT_STATUS_IS_OK(status)) { + /* + * Just return no EA's on a symlink. + */ + return NT_STATUS_OK; + } + /* * TALLOC the result early to get the talloc hierarchy right. */ |