diff options
author | Jeremy Allison <jra@samba.org> | 2009-09-28 13:26:37 +0200 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2009-09-28 13:27:43 +0200 |
commit | ac075bd679fd59e93ea13780f6651a431002edd0 (patch) | |
tree | 6f2600c94acc5dcf7dda84cd6c1f6ad9c8616df0 | |
parent | 2a422f453dd3ad9978e6ec0ac40c122163c028ed (diff) | |
download | samba-ac075bd679fd59e93ea13780f6651a431002edd0.tar.gz |
Fix for CVE-2009-2813.
===========================================================
== Subject: Misconfigured /etc/passwd file may share folders unexpectedly
==
== CVE ID#: CVE-2009-2813
==
== Versions: All versions of Samba later than 3.0.11
==
== Summary: If a user in /etc/passwd is misconfigured to have
== an empty home directory then connecting to the home
== share of this user will use the root of the filesystem
== as the home directory.
===========================================================
-rw-r--r-- | source3/param/loadparm.c | 7 | ||||
-rw-r--r-- | source3/smbd/service.c | 6 |
2 files changed, 11 insertions, 2 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 553938f974f..4fd25c15bf0 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -6091,6 +6091,11 @@ bool lp_add_home(const char *pszHomename, int iDefaultService, { int i; + if (pszHomename == NULL || user == NULL || pszHomedir == NULL || + pszHomedir[0] == '\0') { + return false; + } + i = add_a_service(ServicePtrs[iDefaultService], pszHomename); if (i < 0) @@ -8062,7 +8067,7 @@ static void lp_add_auto_services(char *str) home = get_user_home_dir(talloc_tos(), p); - if (home && homes >= 0) + if (home && home[0] && homes >= 0) lp_add_home(p, homes, p, home); TALLOC_FREE(home); diff --git a/source3/smbd/service.c b/source3/smbd/service.c index fc597445846..902a7c40325 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -56,6 +56,10 @@ bool set_conn_connectpath(connection_struct *conn, const char *connectpath) const char *s = connectpath; bool start_of_name_component = true; + if (connectpath == NULL || connectpath[0] == '\0') { + return false; + } + destname = SMB_STRDUP(connectpath); if (!destname) { return false; @@ -259,7 +263,7 @@ int add_home_service(const char *service, const char *username, const char *home { int iHomeService; - if (!service || !homedir) + if (!service || !homedir || homedir[0] == '\0') return -1; if ((iHomeService = lp_servicenumber(HOMES_NAME)) < 0) { |