From 73874bec85e16e7d1480b8ca3a6b807589a8aa9f Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Thu, 20 Nov 2014 16:33:22 +0100 Subject: [PATCH 1/3] vfs_streams_xattr: fix check with samba_private_attr_name() We want to check with samba_private_attr_name() whether the xattr name is a private one, unfortunately it flags xattrs that begin with the default streams prefix as private. By only calling samba_private_attr_name() in case the xattr does NOT begin with the default prefix, we know that if it returns 'true' it definitely one of our internal xattr like "user.DOSATTRIB". This fixes a bug introduced in 634bcb09a08b927fd79ae0e16aeee2a123605f94 that denied all access to valid stream xattrs. Backport of 1160fcfe3d97644a6bcfa9ee687fd7dfca58e812 from master. https://bugzilla.samba.org/show_bug.cgi?id=10971 Signed-off-by: Ralph Boehme --- source3/modules/vfs_streams_xattr.c | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c index 735db2b..6314442 100644 --- a/source3/modules/vfs_streams_xattr.c +++ b/source3/modules/vfs_streams_xattr.c @@ -687,13 +687,28 @@ static NTSTATUS walk_xattr_streams(vfs_handle_struct *handle, files_struct *fsp, for (i=0; iprefix, config->prefix_len) != 0) { continue; } - if (samba_private_attr_name(names[i])) { - continue; - } status = get_ea_value(names, handle->conn, fsp, fname, names[i], &ea); -- 1.9.3 From efcb075eb8032b46dae1bc35fe11f150c46f0dc0 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Fri, 21 Nov 2014 14:54:17 +0100 Subject: [PATCH 2/3] vfs_streams_xattr: initialize pointer Intitialize pointer to NULL, otherwise we talloc_free() an unitialized pointer in the error code path. Backport of 1076e4e4e2a2b6238116bd860b03a9dcc8a151f8 from master. https://bugzilla.samba.org/show_bug.cgi?id=10971 Signed-off-by: Ralph Boehme --- source3/modules/vfs_streams_xattr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c index 6314442..f65ccc8 100644 --- a/source3/modules/vfs_streams_xattr.c +++ b/source3/modules/vfs_streams_xattr.c @@ -533,7 +533,7 @@ static int streams_xattr_unlink(vfs_handle_struct *handle, { NTSTATUS status; int ret = -1; - char *xattr_name; + char *xattr_name = NULL; if (!is_ntfs_stream_smb_fname(smb_fname)) { return SMB_VFS_NEXT_UNLINK(handle, smb_fname); -- 1.9.3 From 08af9baffa1ed5f344d7263ad64b3fd5d4ff7b21 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Fri, 21 Nov 2014 14:56:08 +0100 Subject: [PATCH 3/3] vfs_streams_xattr: check stream type Only allow access to the stream type "$DATA". vfs_streams_depot does this too and it fixes the failing test "smb2.streams.names". Backport of 927290b384bc4f4fd53a1f93d4d27ccc71dd6135 from master. https://bugzilla.samba.org/show_bug.cgi?id=10971 Signed-off-by: Ralph Boehme --- source3/modules/vfs_streams_xattr.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c index f65ccc8..f0ab732 100644 --- a/source3/modules/vfs_streams_xattr.c +++ b/source3/modules/vfs_streams_xattr.c @@ -114,6 +114,12 @@ static NTSTATUS streams_xattr_get_name(vfs_handle_struct *handle, stype = strchr_m(stream_name + 1, ':'); + if (stype) { + if (strcasecmp_m(stype, ":$DATA") != 0) { + return NT_STATUS_INVALID_PARAMETER; + } + } + *xattr_name = talloc_asprintf(ctx, "%s%s", config->prefix, stream_name + 1); -- 1.9.3
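Review bot: Initializing `xattr_name` in streams_xattr_unlink protects only this caller, while patch 3/3 on this page adds an early `return NT_STATUS_INVALID_PARAMETER;` to streams_xattr_get_name ahead of the line that assigns `*xattr_name`. Any other caller that frees its pointer on the failure path would need the same initialization; those callers and the rest of this function are outside the hunk, so this is to be confirmed. Clearing the out-parameter at the top of the helper, `*xattr_name = NULL;`, would make the error path safe for every caller regardless of how the local was declared.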
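Review bot: The stream-type check added to streams_xattr_get_name compares case-insensitively, but the `talloc_asprintf` call directly below it still copies `stream_name + 1` verbatim. A client-supplied `:$data` and `:$DATA` would therefore map to different xattr names unless the suffix is normalized further down; the function continues outside the hunk, so this needs confirming. If it is normalized there, a comment on the check should say so, e.g. `/* Only the $DATA stream type is supported; its case is normalized below. */`. The two nested `if`s also read more directly as one condition, `if (stype != NULL && strcasecmp_m(stype, ":$DATA") != 0) {`.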