s3: smbd: Add a dirfsp parameter to check_parent_access().

author Jeremy Allison <jra@samba.org>

Fri, 1 May 2020 01:20:29 +0000 (18:20 -0700)

committer Ralph Boehme <slow@samba.org>

Mon, 4 May 2020 13:55:34 +0000 (13:55 +0000)
author Jeremy Allison <jra@samba.org>
Fri, 1 May 2020 01:20:29 +0000 (18:20 -0700)
committer Ralph Boehme <slow@samba.org>
Mon, 4 May 2020 13:55:34 +0000 (13:55 +0000)
diff --git a/source3/smbd/open.c b/source3/smbd/open.c

index c2a14da44743c978733dcc1e49c655be42a86cb9..2fd79b426de85daa6ee96329691d71346e8b2e55 100644 (file)
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -264,6 +264,7 @@ NTSTATUS smbd_check_access_rights(struct connection_struct *conn,
  }
  
  NTSTATUS check_parent_access(struct connection_struct *conn,
+                               struct files_struct *dirfsp,
                                 struct smb_filename *smb_fname,
                                 uint32_t access_mask)
  {
@@ -279,6 +280,13 @@ NTSTATUS check_parent_access(struct connection_struct *conn,
         TALLOC_CTX *frame = talloc_stackframe();
         bool ok;
  
+       /*
+        * NB. When dirfsp != conn->cwd_fsp, we must
+        * change parent_dir to be "." for the name here.
+        */
+
+       SMB_ASSERT(dirfsp == conn->cwd_fsp);
+
         ok = parent_smb_fname(frame, smb_fname, &parent_dir, NULL);
         if (!ok) {
                 status = NT_STATUS_NO_MEMORY;
@@ -1255,6 +1263,7 @@ static NTSTATUS open_file(files_struct *fsp,
                                 }
  
                                 status = check_parent_access(conn,
+                                                       conn->cwd_fsp,
                                                         smb_fname,
                                                         SEC_DIR_ADD_FILE);
                                 if (!NT_STATUS_IS_OK(status)) {
@@ -4112,6 +4121,7 @@ static NTSTATUS mkdir_internal(connection_struct *conn,
         }
  
         status = check_parent_access(conn,
+                                       conn->cwd_fsp,
                                         smb_dname,
                                         access_mask);
         if(!NT_STATUS_IS_OK(status)) {
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h

index c2f0e2e184ea5b5fa7b760ea5989218419975bd6..e66b759d5765832e4ceffeb59129d3851e127d01 100644 (file)
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -708,6 +708,7 @@ NTSTATUS smbd_check_access_rights(struct connection_struct *conn,
                                 bool use_privs,
                                 uint32_t access_mask);
  NTSTATUS check_parent_access(struct connection_struct *conn,
+                               struct files_struct *dirfsp,
                                 struct smb_filename *smb_fname,
                                 uint32_t access_mask);
  NTSTATUS fd_open(struct connection_struct *conn, files_struct *fsp,
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c

index f8c0124cbb8d7bb82b17cdf37ed6afe5986a270f..fd4434c900884d60607f23c604f8b65a4f3d8242 100644 (file)
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -7807,6 +7807,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn,
                 access_mask = SEC_DIR_ADD_SUBDIR;
         }
         status = check_parent_access(conn,
+                               conn->cwd_fsp,
                                 smb_fname_dst,
                                 access_mask);
         if (!NT_STATUS_IS_OK(status)) {
author	Jeremy Allison <jra@samba.org>
	Fri, 1 May 2020 01:20:29 +0000 (18:20 -0700)
committer	Ralph Boehme <slow@samba.org>
	Mon, 4 May 2020 13:55:34 +0000 (13:55 +0000)
source3/smbd/open.c		patch \| blob \| history
source3/smbd/proto.h		patch \| blob \| history
source3/smbd/reply.c		patch \| blob \| history