Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add handling for cases where ad_entry() returns NULL #174

Closed
wants to merge 4 commits into from

Commits on Apr 12, 2022

  1. add handling for cases where ad_entry() returns NULL

    With recent CVE fixes, ad_enty() may now return NULL. This
    commit adds basic error handling for these cases and asserting
    where such a return is totally unexpected. In case of
    ad_getid() and ad_forcegetid(), return CNID_INVALID rather
    than 0 to clarify for future people investigating this that
    a 0 here is an indication of error.
    
    In case of new_ad_header(), the valid_data_len of the
    adouble data may still be zero. This causes subsequent
    ad_entry() calls within new_ad_header() to fail. As such,
    overwrite valid_data-Len with AD_DATASZ2 or AD_DATASZ_EA
    depending on how adouble data is stored on disk.
    
    Another side-effect of the fix is that ad_entry() for
    ADEID_DID on ea-backed adouble data will return NULL. In
    this case, add explicit check for the backend before
    attempting to get the DID.
    
    Signed-off-by: Andrew Walker <awalker@ixsystems.com>
    anodos325 committed Apr 12, 2022
    Configuration menu
    Copy the full SHA
    687106e View commit details
    Browse the repository at this point in the history

Commits on May 4, 2022

  1. fix AFP_ASSERT on symlink

    anodos325 committed May 4, 2022
    Configuration menu
    Copy the full SHA
    177a07d View commit details
    Browse the repository at this point in the history
  2. avoid setting adouble entries on symlinks

    Netatalk appears to not attempt to read adouble
    metadata for symlinks (no lgetxtattr call) and so
    for the sake of consistency, we will also avoid
    setting them in the ad.
    anodos325 committed May 4, 2022
    Configuration menu
    Copy the full SHA
    a832d56 View commit details
    Browse the repository at this point in the history

Commits on May 11, 2022

  1. Protect against removing AFP metadata xattr

    In some edge cases the comment in finder info xattr may be
    zero-length. This means that ad_entry() will return NULL
    with latest CVE fixes. This means we need alternate validation
    for comment.
    
    Since the ad_entry handling changed significantly in 3.12->3.13
    update, AFP_ASSERT() when metadata is flagged as invalid rather
    than attempting to remove it. This will give us an opportunity
    to fix any other issues introduced by the original changeset
    without affecting user metadata.
    anodos325 committed May 11, 2022
    Configuration menu
    Copy the full SHA
    b826abf View commit details
    Browse the repository at this point in the history