diff options
author | Jeremy Allison <jra@samba.org> | 2021-06-23 10:27:13 -0700 |
---|---|---|
committer | Ralph Boehme <slow@samba.org> | 2021-06-25 15:53:31 +0000 |
commit | cf51681aac924ce203c84b8f99b0ef7a0b10a3e0 (patch) | |
tree | cb1e6a291ec677d811e8025e512e0ff02d2f861c /source3 | |
parent | 13778b4c73155cef09709f676d23046e6a94f8bc (diff) | |
download | samba-cf51681aac924ce203c84b8f99b0ef7a0b10a3e0.tar.gz |
s3: VFS: fake_acls: In fake_acls_lstat() - get a pathref on whatever the link points to and use the handle-based functions.
Add a recursion guard so that synthetic_pathref() can't
recurse into itself by calling SMB_VFS_LSTAT().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Diffstat (limited to 'source3')
-rw-r--r-- | source3/modules/vfs_fake_acls.c | 63 |
1 files changed, 49 insertions, 14 deletions
diff --git a/source3/modules/vfs_fake_acls.c b/source3/modules/vfs_fake_acls.c index 5f2fe85f69c..818c2f0f896 100644 --- a/source3/modules/vfs_fake_acls.c +++ b/source3/modules/vfs_fake_acls.c @@ -155,23 +155,58 @@ static int fake_acls_lstat(vfs_handle_struct *handle, struct smb_filename *smb_fname) { int ret = -1; + static bool in_synthetic_pathref = false; ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname); if (ret == 0) { - struct smb_filename smb_fname_base = { - .base_name = smb_fname->base_name - }; - /* This isn't quite right (calling getxattr not - * lgetxattr), but for the test purposes of this - * module (fake NT ACLs from windows clients), it is - * close enough. We removed the l*xattr functions - * because linux doesn't support using them, but we - * could fake them in xattr_tdb if we really wanted - * to. We ignore errors because the link might not point anywhere */ - fake_acls_uid(handle, &smb_fname_base, - &smb_fname->st.st_ex_uid); - fake_acls_gid(handle, &smb_fname_base, - &smb_fname->st.st_ex_gid); + struct smb_filename *smb_fname_base = NULL; + SMB_STRUCT_STAT sbuf = { 0 }; + NTSTATUS status; + + if (in_synthetic_pathref) { + /* + * Ensure synthetic_pathref() + * can't recurse into fake_acls_lstat(). + * synthetic_pathref() doesn't care + * about the uid/gid values, it only + * wants a valid/invalid stat answer + * and we know smb_fname exists as + * the SMB_VFS_NEXT_LSTAT() returned + * zero above. + */ + return 0; + } + + /* Recursion guard. */ + in_synthetic_pathref = true; + status = synthetic_pathref(talloc_tos(), + handle->conn->cwd_fsp, + smb_fname->base_name, + NULL, + &sbuf, + smb_fname->twrp, + 0, /* we want stat, not lstat. */ + &smb_fname_base); + /* End recursion guard. */ + in_synthetic_pathref = false; + if (NT_STATUS_IS_OK(status)) { + /* + * This isn't quite right (calling fgetxattr not + * lgetxattr), but for the test purposes of this + * module (fake NT ACLs from windows clients), it is + * close enough. We removed the l*xattr functions + * because linux doesn't support using them, but we + * could fake them in xattr_tdb if we really wanted + * to. We ignore errors because the link might not + * point anywhere */ + fake_acls_fuid(handle, + smb_fname_base->fsp, + &smb_fname->st.st_ex_uid); + fake_acls_fgid(handle, + smb_fname_base->fsp, + &smb_fname->st.st_ex_gid); + } + TALLOC_FREE(smb_fname_base); } return ret; |