Re: [PATCH][SMB3] allow files to be created with backslash in file name

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Jan 01, 2021 at 09:12:14AM -0600, Steve French wrote:

On Fri, Jan 1, 2021 at 12:00 AM Jeremy Allison <jra@xxxxxxxxx> wrote:


On Thu, Dec 31, 2020 at 09:35:23PM -0600, Steve French via samba-technical wrote:
>
>This patch may be even more important to Samba, as alternative ways of
>storing these files can create more problems. Interestingly Samba
>server reports local files with backslashes in them over the wire
>without remapping, even though these are illegal in SMB3 which would
>cause confusion on the client(s).  Has anyone tried Windows mounting

Samba should mangle names containing '\' to 8.3 names.


You were right mangled names was enabled.  But that is also
interesting - it does expose a bug in smbclient.

When you connect smbclient - doing a ls of a subdirectory with
reserved characters worked, but doing an ls of the parent (root
directory of share) caused smbclient to disconnect.  See below

smb: \> ls rsvd-chars
 rsvd-chars                          D        0  Fri Jan  1 08:55:49 2021

556368460 blocks of size 1024. 296010296 blocks available
smb: \> ls
 .                                   D        0  Fri Jan  1 08:54:28 2021
 ..                                  D        0  Thu Dec 31 21:42:28 2020
 topdir                              D        0  Mon Dec 14 16:01:25 2020
 lock1.txt                           A      200  Fri Dec 18 12:28:18 2020
 lock_rw_shared.dat                  A      200  Fri Dec 18 12:28:18 2020
 lock_rw_exclusive.dat               A      200  Fri Dec 18 12:28:18 2020
 autounlock.txt                      A      200  Fri Dec 18 12:28:18 2020
is_bad_finfo_name: bad finfo->name
NT_STATUS_INVALID_NETWORK_RESPONSE listing \*


This is coming from the following code which is designed to
protect the client from a malicious server returning a '\' or '/'
character in an filename component.

/****************************************************************************
 Check if a returned directory name is safe.
****************************************************************************/

static NTSTATUS is_bad_name(bool windows_names, const char *name)
{
        const char *bad_name_p = NULL;

        bad_name_p = strchr(name, '/');
        if (bad_name_p != NULL) {
                /*
                 * Windows and POSIX names can't have '/'.
                 * Server is attacking us.
                 */
                return NT_STATUS_INVALID_NETWORK_RESPONSE;
        }
        if (windows_names) {
                bad_name_p = strchr(name, '\\');
                if (bad_name_p != NULL) {
                        /*
                         * Windows names can't have '\\'.
                         * Server is attacking us.
                         */
                        return NT_STATUS_INVALID_NETWORK_RESPONSE;
                }
        }
        return NT_STATUS_OK;
}
[Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux