diff options
author | Jeremy Allison <jra@samba.org> | 2017-03-27 22:10:29 -0700 |
---|---|---|
committer | Ralph Boehme <slow@samba.org> | 2017-03-28 17:05:27 +0200 |
commit | 4e734fcd1bf82c08aa303ce44e9735acccffcf06 (patch) | |
tree | 6ef7707c4afb2291138230e6af45a1f038f63278 /source3/script | |
parent | e182a4d39e86c9694e255efdf6ee2ea3ccb9af4a (diff) | |
download | samba-4e734fcd1bf82c08aa303ce44e9735acccffcf06.tar.gz |
s3: Test for CVE-2017-2619 regression with "follow symlinks = no" - part 2
Add tests for regular access.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12721
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Mar 28 17:05:27 CEST 2017 on sn-devel-144
Diffstat (limited to 'source3/script')
-rwxr-xr-x | source3/script/tests/test_smbclient_s3.sh | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/source3/script/tests/test_smbclient_s3.sh b/source3/script/tests/test_smbclient_s3.sh index 330ceead09c..9bff883f63f 100755 --- a/source3/script/tests/test_smbclient_s3.sh +++ b/source3/script/tests/test_smbclient_s3.sh @@ -1103,14 +1103,22 @@ test_nosymlinks() slink_name="$LOCAL_PATH/nosymlinks/source" slink_target="$LOCAL_PATH/nosymlinks/target" mkdir_target="$LOCAL_PATH/nosymlinks/a" + dir1="$LOCAL_PATH/nosymlinks/foo" + dir2="$LOCAL_PATH/nosymlinks/foo/bar" + get_target="$LOCAL_PATH/nosymlinks/foo/bar/testfile" rm -f $slink_target rm -f $slink_name rm -rf $mkdir_target + rm -rf $dir1 touch $slink_target ln -s $slink_target $slink_name + mkdir $dir1 + mkdir $dir2 + touch $get_target + # Getting a file through a symlink name should fail. tmpfile=$PREFIX/smbclient_interactive_prompt_commands cat > $tmpfile <<EOF @@ -1165,6 +1173,35 @@ EOF echo "failed - NT_STATUS_XXXX doing mkdir a; mkdir a\\b on \\nosymlinks" false fi + +# Ensure regular file/directory access also works. + cat > $tmpfile <<EOF +cd foo\\bar +ls +get testfile - +quit +EOF + cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/nosymlinks -I $SERVER_IP $ADDARGS < $tmpfile 2>&1' + eval echo "$cmd" + out=`eval $cmd` + ret=$? + rm -f $tmpfile + + if [ $ret -ne 0 ] ; then + echo "$out" + echo "failed accessing nosymlinks with error $ret" + false + return + fi + + echo "$out" | grep 'NT_STATUS' + ret=$? + if [ $ret -eq 0 ] ; then + echo "$out" + echo "failed - NT_STATUS_XXXX doing cd foo\\bar; get testfile on \\nosymlinks" + false + return + fi } LOGDIR_PREFIX=test_smbclient_s3 |