Changeset 919 for vendor/current/source3/smbd/vfs.c

Timestamp:

Jun 9, 2016, 2:17:22 PM (9 years ago)

Author:

Silvan Scherrer

Message:

Samba Server: apply latest security patches to vendor

File:

• vendor/current/source3/smbd/vfs.c (modified) (2 diffs)

vendor/current/source3/smbd/vfs.c

@@ -983 +983 @@
                 const char *conn_rootdir;
                 size_t rootdir_len;
+                bool matched;
 
                 conn_rootdir = SMB_VFS_CONNECTPATH(conn, fname);
@@ -993 +994 @@
 
                 rootdir_len = strlen(conn_rootdir);
-                if (strncmp(conn_rootdir, resolved_name,
-                                rootdir_len) != 0) {
+                matched = (strncmp(conn_rootdir, resolved_name,
+                                rootdir_len) == 0);
+                if (!matched || (resolved_name[rootdir_len] != '/' &&
+                                 resolved_name[rootdir_len] != '\0')) {
                         DEBUG(2, ("check_reduced_name: Bad access "
                                 "attempt: %s is a symlink outside the "