diff options
Diffstat (limited to 'net/samba413/files/0010-CVE-2023-34968-lib-Move-subdir_of-to-source3-lib-uti.patch')
| -rw-r--r-- | net/samba413/files/0010-CVE-2023-34968-lib-Move-subdir_of-to-source3-lib-uti.patch | 101 |
1 files changed, 101 insertions, 0 deletions
diff --git a/net/samba413/files/0010-CVE-2023-34968-lib-Move-subdir_of-to-source3-lib-uti.patch b/net/samba413/files/0010-CVE-2023-34968-lib-Move-subdir_of-to-source3-lib-uti.patch new file mode 100644 index 000000000000..3486dd12b101 --- /dev/null +++ b/net/samba413/files/0010-CVE-2023-34968-lib-Move-subdir_of-to-source3-lib-uti.patch @@ -0,0 +1,101 @@ +From 617bc2ee68d2213517c32f1c5cd44edc32817e41 Mon Sep 17 00:00:00 2001 +From: Volker Lendecke <vl@samba.org> +Date: Sat, 15 Oct 2022 13:29:14 +0200 +Subject: [PATCH 10/21] CVE-2023-34968: lib: Move subdir_of() to + source3/lib/util_path.c + +Make it available for other components + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=15207 +Signed-off-by: Volker Lendecke <vl@samba.org> +(backported from commit d905dbddf8d2655e6c91752b750cbe9c15837ee5) +[slow@samba.org: subdir_of() didn't exist yet in 4.16 so this just adds it] +--- + source3/lib/util_path.c | 52 +++++++++++++++++++++++++++++++++++++++++ + source3/lib/util_path.h | 4 ++++ + 2 files changed, 56 insertions(+) + +diff --git a/source3/lib/util_path.c b/source3/lib/util_path.c +index c34b734384c..e6bed724551 100644 +--- a/source3/lib/util_path.c ++++ b/source3/lib/util_path.c +@@ -23,6 +23,8 @@ + + #include "replace.h" + #include <talloc.h> ++#include "lib/util/debug.h" ++#include "lib/util/fault.h" + #include "lib/util/samba_util.h" + #include "lib/util_path.h" + +@@ -210,3 +212,53 @@ char *canonicalize_absolute_path(TALLOC_CTX *ctx, const char *pathname_in) + *p++ = '\0'; + return pathname; + } ++ ++/* ++ * Take two absolute paths, figure out if "subdir" is a proper ++ * subdirectory of "parent". Return the component relative to the ++ * "parent" without the potential "/". Take care of "parent" ++ * possibly ending in "/". ++ */ ++bool subdir_of(const char *parent, ++ size_t parent_len, ++ const char *subdir, ++ const char **_relative) ++{ ++ const char *relative = NULL; ++ bool matched; ++ ++ SMB_ASSERT(parent[0] == '/'); ++ SMB_ASSERT(subdir[0] == '/'); ++ ++ if (parent_len == 1) { ++ /* ++ * Everything is below "/" ++ */ ++ *_relative = subdir+1; ++ return true; ++ } ++ ++ if (parent[parent_len-1] == '/') { ++ parent_len -= 1; ++ } ++ ++ matched = (strncmp(subdir, parent, parent_len) == 0); ++ if (!matched) { ++ return false; ++ } ++ ++ relative = &subdir[parent_len]; ++ ++ if (relative[0] == '\0') { ++ *_relative = relative; /* nothing left */ ++ return true; ++ } ++ ++ if (relative[0] == '/') { ++ /* End of parent must match a '/' in subdir. */ ++ *_relative = relative+1; ++ return true; ++ } ++ ++ return false; ++} +diff --git a/source3/lib/util_path.h b/source3/lib/util_path.h +index 3e7d04de550..0ea508bf5bb 100644 +--- a/source3/lib/util_path.h ++++ b/source3/lib/util_path.h +@@ -31,5 +31,9 @@ char *lock_path(TALLOC_CTX *mem_ctx, const char *name); + char *state_path(TALLOC_CTX *mem_ctx, const char *name); + char *cache_path(TALLOC_CTX *mem_ctx, const char *name); + char *canonicalize_absolute_path(TALLOC_CTX *ctx, const char *abs_path); ++bool subdir_of(const char *parent, ++ size_t parent_len, ++ const char *subdir, ++ const char **_relative); + + #endif +-- +2.41.0 + |