s3: VFS: fake_acls: In fake_acls_lstat() - get a pathref on whatever the link points to and use the handle-based functions.

Add a recursion guard so that synthetic_pathref() can't
recurse into itself by calling SMB_VFS_LSTAT().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

1 files changed, 49 insertions, 14 deletions

diff --git a/source3/modules/vfs_fake_acls.c b/source3/modules/vfs_fake_acls.c
index 5f2fe85f69c..818c2f0f896 100644
--- a/source3/modules/vfs_fake_acls.c
+++ b/source3/modules/vfs_fake_acls.c
@@ -155,23 +155,58 @@ static int fake_acls_lstat(vfs_handle_struct *handle,
 			   struct smb_filename *smb_fname)
 {
 	int ret = -1;
+	static bool in_synthetic_pathref = false;
 
 	ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
 	if (ret == 0) {
-		struct smb_filename smb_fname_base = {
-			.base_name = smb_fname->base_name
-		};
-		/* This isn't quite right (calling getxattr not
-		 * lgetxattr), but for the test purposes of this
-		 * module (fake NT ACLs from windows clients), it is
-		 * close enough.  We removed the l*xattr functions
-		 * because linux doesn't support using them, but we
-		 * could fake them in xattr_tdb if we really wanted
-		 * to.  We ignore errors because the link might not point anywhere */
-		fake_acls_uid(handle, &smb_fname_base,
-			&smb_fname->st.st_ex_uid);
-		fake_acls_gid(handle, &smb_fname_base,
-			&smb_fname->st.st_ex_gid);
+		struct smb_filename *smb_fname_base = NULL;
+		SMB_STRUCT_STAT sbuf = { 0 };
+		NTSTATUS status;
+
+		if (in_synthetic_pathref) {
+			/*
+			 * Ensure synthetic_pathref()
+			 * can't recurse into fake_acls_lstat().
+			 * synthetic_pathref() doesn't care
+			 * about the uid/gid values, it only
+			 * wants a valid/invalid stat answer
+			 * and we know smb_fname exists as
+			 * the SMB_VFS_NEXT_LSTAT() returned
+			 * zero above.
+			 */
+			return 0;
+		}
+
+		/* Recursion guard. */
+		in_synthetic_pathref = true;
+		status = synthetic_pathref(talloc_tos(),
+					   handle->conn->cwd_fsp,
+					   smb_fname->base_name,
+					   NULL,
+					   &sbuf,
+					   smb_fname->twrp,
+					   0, /* we want stat, not lstat. */
+					   &smb_fname_base);
+		/* End recursion guard. */
+		in_synthetic_pathref = false;
+		if (NT_STATUS_IS_OK(status)) {
+			/*
+			 * This isn't quite right (calling fgetxattr not
+			 * lgetxattr), but for the test purposes of this
+			 * module (fake NT ACLs from windows clients), it is
+			 * close enough.  We removed the l*xattr functions
+			 * because linux doesn't support using them, but we
+			 * could fake them in xattr_tdb if we really wanted
+			 * to. We ignore errors because the link might not
+			 * point anywhere */
+			fake_acls_fuid(handle,
+				       smb_fname_base->fsp,
+				       &smb_fname->st.st_ex_uid);
+			fake_acls_fgid(handle,
+				       smb_fname_base->fsp,
+				       &smb_fname->st.st_ex_gid);
+		}
+		TALLOC_FREE(smb_fname_base);
 	}
 
 	return ret;