Project

General

Profile

Bug #1930

smb_match functions incorrectly handle multibyte characters

Added by Yuri Pankov almost 9 years ago. Updated about 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
cifs - CIFS server and client
Start date:
2011-12-27
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
cifs wildcards
Gerrit CR:

Description

smb_match{,_ci}_private functions incorrectly think that size of character == size of byte when handling wildcards:
http://src.illumos.org/source/xref/illumos-gate/usr/src/common/smbsrv/smb_match.c#168
http://src.illumos.org/source/xref/illumos-gate/usr/src/common/smbsrv/smb_match.c#190

#1

Updated by Yuri Pankov almost 9 years ago

  • Assignee deleted (Yuri Pankov)
#2

Updated by Yuri Pankov over 8 years ago

  • Status changed from New to Closed

This should be resolved by correctly handling the wildcards.

#3

Updated by Gordon Ross about 8 years ago

  • Status changed from Closed to In Progress
  • Assignee set to Gordon Ross
  • Difficulty changed from Bite-size to Medium

It turns out there were deeper problems with our directory list filtering than anyone imagined. Some background: SMB servers filter the directory listing using a wildcard pattern provided by the client.
There are two "match" functions used for filtering. (1) the old LanMan one, which has DOS naming semantics, and (2) the NT-and-later one, which is much more flexible the old one. The old style match function can be simulated by the new match function by doing a simple transformation on the match pattern. What's supposed to happen is, when the SMB server is talking to an old client (older than NT) the match pattern from the client should be transformed to the new form. When talking to a modern client (NT or later) the match pattern should be used as-is.

Before this fix, what was happening is that the server would, regardless of client version, transform new, NT-style match patterns to old style (which one should note, can not be done without losing information) and then using an old-style match function. This is almost exactly backwards from what should happen. With the fix, smb_convert_wildcards now converts old to new (it was backwards), and is only called for clients older than NT. The code was also not passing through the case sensitivity information from the share (it was always case insensitive) though since nobody uses case-sensitive shares, this problem is rarely exposed.

#4

Updated by Gordon Ross about 8 years ago

  • Status changed from In Progress to Resolved
changeset:   13839:2d7fbebd2923
tag:         tip
user:        Gordon Ross <gwr@nexenta.com>
date:        Thu Sep 27 13:58:00 2012 -0400

description:
    1930 smb_match functions incorrectly handle multibyte characters
    1931 smb_convert_wildcards incorrectly expands < at the end of the pattern
    Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
    Reviewed by: Eric Schrock <eric.schrock@delphix.com>
    Approved by: Richard Lowe <richlowe@richlowe.net>

modified:
   usr/src/common/smbsrv/smb_match.c
   usr/src/common/smbsrv/smb_xdr.c
   usr/src/lib/smbsrv/libsmb/common/mapfile-vers
   usr/src/uts/common/fs/smbsrv/smb_delete.c
   usr/src/uts/common/fs/smbsrv/smb_kutil.c
   usr/src/uts/common/fs/smbsrv/smb_odir.c
   usr/src/uts/common/fs/smbsrv/smb_pathname.c
   usr/src/uts/common/smbsrv/string.h

Also available in: Atom PDF