lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAH2r5muHVDfWM6vmRx85S2zfgh6v7mjc-ekOpkqJaLFvV9x1mA@mail.gmail.com>
Date: Sun, 16 Feb 2025 22:26:36 -0600
From: Steve French <smfrench@...il.com>
To: Oleh Nykyforchyn <oleh.nyk@...il.com>
Cc: linux-cifs@...r.kernel.org, linux-kernel@...r.kernel.org, 
	samba-technical <samba-technical@...ts.samba.org>
Subject: Re: Bug in getting file attributes with SMB3.1.1 and posix

Oleh,
Good catch, and sorry about the delay (email had gotten missed).

Here is a fix (see attached) for the problem you reported.  Let me
know if it also works for you or if you see any problems with it.

This is important fix for SMB3.1.1 POSIX Extensions client implementation.


On Wed, Jan 1, 2025 at 11:05 AM Oleh Nykyforchyn <oleh.nyk@...il.com> wrote:
>
> Hello,
>
> I encountered a funny bug when a share is mounted with vers=3.1.1, posix,... If a file size has bits 0x410 = ATTR_DIRECTORY | ATTR_REPARSE = 1040 set, then the file is regarded as a directory and its open fails. A simplest test example is any file 1040 bytes long.
>
> The cause of this bug is that Attributes field in smb2_file_all_info struct occupies the same place that EndOfFile field in smb311_posix_qinfo, and sometimes the latter struct is incorrectly processed as if it was the first one. I attach an example patch that solves the problem for me, obviously not ready for submission, but just to show which places in the code are subject to problems. The patch is against linux-6.12.6 kernel, but, AFAICS, nothing has changed since then in relevant places. If I have guessed more or less correctly what the intended functionality is, please feel free to use my patch as a basis for corrections.
>
> Best regards
>
> Olen Nykyforchyn



-- 
Thanks,

Steve

View attachment "0001-smb311-failure-to-open-files-of-length-1040-when-mou.patch" of type "text/x-patch" (5037 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ