CVE-2022-3592 smbd: No empty path components in openat_pathref_dirfsp_nosymlink()

author Volker Lendecke <vl@samba.org>

Mon, 17 Oct 2022 16:06:02 +0000 (18:06 +0200)

committer Jule Anger <janger@samba.org>

Tue, 25 Oct 2022 10:31:34 +0000 (10:31 +0000)
author Volker Lendecke <vl@samba.org>
Mon, 17 Oct 2022 16:06:02 +0000 (18:06 +0200)
committer Jule Anger <janger@samba.org>
Tue, 25 Oct 2022 10:31:34 +0000 (10:31 +0000)
diff --git a/source3/smbd/files.c b/source3/smbd/files.c

index 87c1f0f6301ca76123f6714942403a7c31e46034..64297f187732abba19302b66e905be408e21538e 100644 (file)
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -817,6 +817,12 @@ NTSTATUS openat_pathref_dirfsp_nosymlink(
  
                 next = strv_next(path, rel_fname.base_name);
  
+               /*
+                * Path sanitizing further up has cleaned or rejected
+                * empty path components. Assert this here.
+                */
+               SMB_ASSERT(rel_fname.base_name[0] != '\0');
+
                 if (ISDOT(rel_fname.base_name) ||
                     ISDOTDOT(rel_fname.base_name)) {
                         DBG_DEBUG("%s contains a dot\n", path_in);
author	Volker Lendecke <vl@samba.org>
	Mon, 17 Oct 2022 16:06:02 +0000 (18:06 +0200)
committer	Jule Anger <janger@samba.org>
	Tue, 25 Oct 2022 10:31:34 +0000 (10:31 +0000)