dbwrap_watch: Protect against corrupt records
author Volker Lendecke <vl@samba.org>
Wed, 15 Mar 2017 15:54:34 +0000 (16:54 +0100)
committer Volker Lendecke <vl@samba.org>
Mon, 1 May 2017 08:40:21 +0000 (10:40 +0200)
If locking.tdb contains invalid records, "get_file_infos" called from directory
enumeration crashes in Samba 4.4. The reason is that if "dbwrap_watched_parse"
returns -1 due to record corruption, dbwrap_watched_parse_record returns
NT_STATUS_OK without having called the parse function. Before 66cba9939b76f
this led to "lck->data" being uninitialized data, so smbd 4.4 would crash in
this case.  After 66cba9939b76f we implicitly initialize "state.lck" to NULL,
so we don't have this particular problem anymore.

Apply the fix in master too: returning NT_STATUS_OK from parse_record without
having called the parser could lead to bugs in other cases too.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
source3/lib/dbwrap/dbwrap_watch.c

index 6057bf4caadafa7fe1f5c3b4a689ac99d9b6e80b..585010f3dda7a512f21dfebb4bd4479f9ee9e8c6 100644 (file)
@@ -521,7 +521,10 @@ static void dbwrap_watched_parse_record_parser(TDB_DATA key, TDB_DATA data,
 
        num_watchers = dbwrap_watched_parse(data, NULL, 0, &state->deleted,
                                            &userdata);
-       if ((num_watchers == -1) || state->deleted) {
+       if (num_watchers == -1) {
+               state->deleted = true;
+       }
+       if (state->deleted) {
                return;
        }
        state->parser(key, userdata, state->private_data);
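
Review bot: In the new "if (num_watchers == -1)" branch, a corrupt record is folded into "state->deleted = true", so once this callback returns a corrupt record is indistinguishable from a deleted one and nothing records that corruption was seen. Consider logging at that branch (for example a DBG_WARNING) so corruption is visible to whoever operates the server, or carrying a separate flag in the state so the code that reads it can report a corruption-specific status instead of the one used for deleted records. A one-line comment at the assignment saying that a parse failure is deliberately treated as "deleted", so that success is never reported without "state->parser" having run, would also help the next reader.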