s3: torture: Change the SMB1-only UID-REGRESSION-TEST to do an explicit copy of the...

For this test only, explicitly copy the SMB1 tcon struct,
don't use cli_state_save_tcon()//cli_state_restore_tcon()
as these calls will soon change to just manipulate the pointer
to avoid TALLOC_FREE() on the tcon struct which calls
destructors on child pipe data.

In SMB1 this test calls cli_tdis() twice with an invalid
vuid and expects the SMB1 tcon struct to be preserved
across the calls.

SMB1 cli_tdis() frees cli->smb1.tcon so we must put back
a deep copy into cli->smb1.tcon to be able to safely call
cli_tdis() again.

This is a test-only hack. Real client code
uses cli_state_save_tcon()/cli_state_restore_tcon()
if it needs to temporarily swap out the active
tcon on a client connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13992

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit e93e6108837eff0cebad8dc26d055c0e1386093a)

diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 03b2340c54ff992727f4f8c1acd227122ab8abca..3979b691494a3b3c8e5cf72639cc50997bdc497b 100644 (file)
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -11662,7 +11662,7 @@ static bool run_uid_regression_test(int dummy)
        int16_t old_vuid;
        int32_t old_cnum;
        bool correct = True;
-       struct smbXcli_tcon *orig_tcon = NULL;
+       struct smbXcli_tcon *tcon_copy = NULL;
        NTSTATUS status;
 
        printf("starting uid regression test\n");
@@ -11703,8 +11703,20 @@ static bool run_uid_regression_test(int dummy)
        }
 
        old_cnum = cli_state_get_tid(cli);
-       orig_tcon = cli_state_save_tcon(cli);
-       if (orig_tcon == NULL) {
+       /*
+        * This is an SMB1-only test.
+        * Copy the tcon, not "save/restore".
+        *
+        * In SMB1 the cli_tdis() below frees
+        * cli->smb1.tcon so we need a copy
+        * of the struct to put back for the
+        * second tdis call with invalid vuid.
+        *
+        * This is a test-only hack. Real client code
+        * uses cli_state_save_tcon()/cli_state_restore_tcon().
+        */
+       tcon_copy = smbXcli_tcon_copy(cli, cli->smb1.tcon);
+       if (tcon_copy == NULL) {
                correct = false;
                goto out;
        }
@@ -11720,11 +11732,11 @@ static bool run_uid_regression_test(int dummy)
        } else {
                d_printf("First tdis failed (%s)\n", nt_errstr(status));
                correct = false;
-               cli_state_restore_tcon(cli, orig_tcon);
+               cli->smb1.tcon = tcon_copy;
                goto out;
        }
 
-       cli_state_restore_tcon(cli, orig_tcon);
+       cli->smb1.tcon = tcon_copy;
        cli_state_set_uid(cli, old_vuid);
        cli_state_set_tid(cli, old_cnum);