From d6c28913f3109d1327a3d1369b6eafd3874b2dca Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 19 Jun 2009 11:00:41 +0200 Subject: [PATCH] Bug 6488: acl_group_override() call in posix acls references an uninitialized variable. (cherry picked from commit f92195e3a1baaddda47a5d496f9488c8445b41ad) --- source/smbd/posix_acls.c | 22 ++++++++++------------ 1 files changed, 10 insertions(+), 12 deletions(-) diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c index 562776e..fe72a13 100644 --- a/source/smbd/posix_acls.c +++ b/source/smbd/posix_acls.c @@ -2384,24 +2384,22 @@ static bool current_user_in_group(gid_t gid) ****************************************************************************/ static bool acl_group_override(connection_struct *conn, - gid_t prim_gid, + SMB_STRUCT_STAT *psbuf, const char *fname) { - SMB_STRUCT_STAT sbuf; - if ((errno != EPERM) && (errno != EACCES)) { return false; } /* file primary group == user primary or supplementary group */ if (lp_acl_group_control(SNUM(conn)) && - current_user_in_group(prim_gid)) { + current_user_in_group(psbuf->st_gid)) { return true; } /* user has writeable permission */ if (lp_dos_filemode(SNUM(conn)) && - can_write_to_file(conn, fname, &sbuf)) { + can_write_to_file(conn, fname, psbuf)) { return true; } @@ -2412,7 +2410,7 @@ static bool acl_group_override(connection_struct *conn, Attempt to apply an ACL to a file or directory. ****************************************************************************/ -static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool default_ace, gid_t prim_gid, bool *pacl_set_support) +static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool default_ace, SMB_STRUCT_STAT *psbuf, bool *pacl_set_support) { connection_struct *conn = fsp->conn; bool ret = False; @@ -2591,7 +2589,7 @@ static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool defau *pacl_set_support = False; } - if (acl_group_override(conn, prim_gid, fsp->fsp_name)) { + if (acl_group_override(conn, psbuf, fsp->fsp_name)) { int sret; DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n", @@ -2622,7 +2620,7 @@ static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool defau *pacl_set_support = False; } - if (acl_group_override(conn, prim_gid, fsp->fsp_name)) { + if (acl_group_override(conn, psbuf, fsp->fsp_name)) { int sret; DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n", @@ -3627,7 +3625,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) if (set_acl_as_root) { become_root(); } - ret = set_canon_ace_list(fsp, file_ace_list, False, sbuf.st_gid, &acl_set_support); + ret = set_canon_ace_list(fsp, file_ace_list, False, &sbuf, &acl_set_support); if (set_acl_as_root) { unbecome_root(); } @@ -3644,7 +3642,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) if (set_acl_as_root) { become_root(); } - ret = set_canon_ace_list(fsp, dir_ace_list, True, sbuf.st_gid, &acl_set_support); + ret = set_canon_ace_list(fsp, dir_ace_list, True, &sbuf, &acl_set_support); if (set_acl_as_root) { unbecome_root(); } @@ -3669,7 +3667,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) unbecome_root(); } if (sret == -1) { - if (acl_group_override(conn, sbuf.st_gid, fsp->fsp_name)) { + if (acl_group_override(conn, &sbuf, fsp->fsp_name)) { DEBUG(5,("set_nt_acl: acl group control on and " "current user in file %s primary group. Override delete_def_acl\n", fsp->fsp_name )); @@ -3729,7 +3727,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) unbecome_root(); } if(sret == -1) { - if (acl_group_override(conn, sbuf.st_gid, fsp->fsp_name)) { + if (acl_group_override(conn, &sbuf, fsp->fsp_name)) { DEBUG(5,("set_nt_acl: acl group control on and " "current user in file %s primary group. Override chmod\n", fsp->fsp_name )); -- 1.6.0.2