notifyd: Don't trust remote pointers

Not a security hole IMO: Only root can send us messages, that's at least our assumption. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
author: Volker Lendecke <vl@samba.org> 2016-09-08 15:18:39 +0200
committer: Volker Lendecke <vl@samba.org> 2016-09-09 11:58:07 +0200
commit: 4e9a55536f95bf417e94a5d4d8e9f24700fa72e7 (patch)
tree: a7533153bd8e4f0a51c2986468b8de731ee08e25
parent: 6601b35e840605192a33da2258a6b440f391f44e (diff)
download: samba-4e9a55536f95bf417e94a5d4d8e9f24700fa72e7.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/source3/smbd/notifyd/notifyd.c b/source3/smbd/notifyd/notifyd.c
index ce2da547d5d..70f52cd7c83 100644
--- a/source3/smbd/notifyd/notifyd.c
+++ b/source3/smbd/notifyd/notifyd.c
@@ -1202,6 +1202,13 @@ static int notifyd_add_proxy_syswatches(struct db_record *rec,
 		uint32_t subdir_filter = instance->instance.subdir_filter;
 		int ret;
 
+		/*
+		 * This is a remote database. Pointers that we were
+		 * given don't make sense locally. Initialize to NULL
+		 * in case sys_notify_watch fails.
+		 */
+		instances[i].sys_watch = NULL;
+
 		ret = state->sys_notify_watch(
 			db, state->sys_notify_ctx, path,
 			&filter, &subdir_filter,
author	Volker Lendecke <vl@samba.org>	2016-09-08 15:18:39 +0200
committer	Volker Lendecke <vl@samba.org>	2016-09-09 11:58:07 +0200
commit	4e9a55536f95bf417e94a5d4d8e9f24700fa72e7 (patch)
tree	a7533153bd8e4f0a51c2986468b8de731ee08e25
parent	6601b35e840605192a33da2258a6b440f391f44e (diff)
download	samba-4e9a55536f95bf417e94a5d4d8e9f24700fa72e7.tar.gz