From 2d40b9bdd708eb2a86ae8bb1bc60c4b92f718658 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 1 Feb 2021 12:03:17 +0100
Subject: [PATCH] s3:smbd: Fix invalid memory access in
 posix_sys_acl_blob_get_fd()

We are handing down an out of scope buffer.

Found by AddressSanitizer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14627

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 0a93f5367bc55ee14f13da5bdb812333c9d9e9f3)
---
 source3/smbd/posix_acls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 041305d4aec..c1d5b7cd047 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -4651,12 +4651,12 @@ int posix_sys_acl_blob_get_fd(vfs_handle_struct *handle,
 	TALLOC_CTX *frame;
 	struct smb_acl_wrapper acl_wrapper = { 0 };
 	int fd = fsp_get_pathref_fd(fsp);
+	char buf[PATH_MAX] = {0};
 	struct smb_filename fname;
 	int ret;
 
 	if (fsp->fsp_flags.have_proc_fds) {
 		const char *proc_fd_path = NULL;
-		char buf[PATH_MAX];
 
 		proc_fd_path = sys_proc_fd_path(fd, buf, sizeof(buf));
 		if (proc_fd_path == NULL) {
-- 
2.30.0