===========================================================
== Subject: Misconfigured /etc/passwd file may share folders unexpectedly
==
== CVE ID#: CVE-2009-2813
==
== Versions: All versions of Samba later than 3.0.11
==
== Summary: If a user in /etc/passwd is misconfigured to have
== an empty home directory then connecting to the home
== share of this user will use the root of the filesystem
== as the home directory.
===========================================================
(cherry picked from commit
c1a4a99f8cc5803682a94060efee1adf330c4f02)
int i;
pstring newHomedir;
+ if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
+ pszHomedir[0] == '\0') {
+ return False;
+ }
+
i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
if (i < 0)
if (lp_servicenumber(p) >= 0)
continue;
- if (home && homes >= 0)
+ if (home && home[0] && homes >= 0)
lp_add_home(p, homes, p, home);
}
SAFE_FREE(s);
{
int iHomeService;
- if (!service || !homedir)
+ if (!service || !homedir || homedir[0] == '\0')
return -1;
if ((iHomeService = lp_servicenumber(HOMES_NAME)) < 0)
get_current_username(),
current_user_info.domain,
s, sizeof(s));
+
+ if (s[0] == '\0') {
+ DEBUG(6, ("service [%s] did not resolve to a path\n",
+ lp_servicename(snum)));
+ conn_free(conn);
+ *status = NT_STATUS_BAD_NETWORK_NAME;
+ return NULL;
+ }
+
set_conn_connectpath(conn,s);
DEBUG(3,("Connect path is '%s' for service [%s]\n",s,
lp_servicename(snum)));