diff options
| author | Jeremy Allison <jra@samba.org> | 2016-01-05 11:33:48 -0800 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2016-03-10 06:52:23 +0100 |
| commit | 77b3d5b2a8848303070ba2e44476534885469a00 (patch) | |
| tree | 4eed706c67ab70a2d6ee5899164702e0baf8a12a | |
| parent | 3f491d77567ddc1b51f6c77c94d26b4d4cc2e5d0 (diff) | |
| download | samba-77b3d5b2a8848303070ba2e44476534885469a00.tar.gz | |
CVE-2015-7560: s3: smbd: Refuse to set EA's on a symlink.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11648
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
| -rw-r--r-- | source3/smbd/trans2.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index f0a9bde9cec..fd363b95ec1 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -664,6 +664,11 @@ NTSTATUS set_ea(connection_struct *conn, files_struct *fsp, return NT_STATUS_EAS_NOT_SUPPORTED; } + status = refuse_symlink(conn, fsp, smb_fname->base_name); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + status = check_access(conn, fsp, smb_fname, FILE_WRITE_EA); if (!NT_STATUS_IS_OK(status)) { return status; |