开源软件构建与测试

We truncated the diff of some files because they were too big. If you want to see the full diff for every file, click here.

Changes of Revision 2

_service:tar_scm:samba.spec Changed

@@ -49,7 +49,7 @@
 
 Name:           samba
 Version:        4.15.3
-Release:        4
+Release:        6
 
 Summary:        A suite for Linux to interoperate with Windows
 License:        GPLv3+ and LGPLv3+
@@ -73,6 +73,7 @@
 Patch4:         backport-0005-CVE-2021-44142.patch
 Patch5:         backport-0001-CVE-2022-0336.patch
 Patch6:         backport-0002-CVE-2022-0336.patch
+Patch7:         backport-CVE-2021-44141.patch
 
 BuildRequires: avahi-devel bison dbus-devel docbook-style-xsl e2fsprogs-devel flex gawk gnupg2 gnutls-devel >= 3.4.7 gpgme-devel
 BuildRequires: jansson-devel krb5-devel >= %{required_mit_krb5} libacl-devel libaio-devel libarchive-devel libattr-devel 
@@ -657,6 +658,9 @@
 install -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/samba
 
 install -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/samba/smb.conf
+%if %{!?openEuler:1}0
+sed  -i -e '/printing = cups/d' -e '/printcap name = cups/d' -e '/load printers = yes/d' -e '/cups options = raw/d' %{buildroot}%{_sysconfdir}/samba/smb.conf
+%endif
 install -m 0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/samba/smb.conf.example
 
 install -d -m 0755 %{buildroot}%{_sysconfdir}/security
@@ -3390,6 +3394,18 @@
 %endif
 
 %changelog
+* Wed Jul 20 2022 gaihuiying <eaglegai@163.com> - 4.15.3-6
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:add macros to control if need cups in configure file
+
+* Thu Jul 14 2022 gaihuiying <eaglegai@163.com> - 4.15.3-5
+- Type:cves
+- ID:CVE-2021-44141
+- SUG:NA
+- DESC:fix CVE-2021-44141
+
 * Fri Mar 11 2022 xingwei <xingwei14@h-partners.com> - 4.15.3-4
 - Type:bugfix
 - ID:NA

_service:tar_scm:backport-CVE-2021-44141.patch Added

@@ -0,0 +1,8695 @@
+From 550ece56400dc7391296943cf93ce0a4e54f9843 Mon Sep 17 00:00:00 2001
+From: Jeremy Allison <jra@samba.org>
+Date: Thu, 2 Dec 2021 12:05:51 -0800
+Subject: PATCH 08/99 CVE-2021-44141: s4: libcli: Add smbcli_unlink_wcard().
+
+We will use this in place of smbcli_unlink() when we
+know we are using a wildcard pattern. If can be used
+to generally replace smbcli_unlink() as it calls down
+to smbcli_unlink() is no wildcard is detected.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14911
+
+Signed-off-by: Jeremy Allison <jra@samba.org>
+Reviewed-by: Ralph Boehme <slow@samba.org>
+---
+ source4/libcli/clifile.c | 96 ++++++++++++++++++++++++++++++++++++++++
+ source4/libcli/libcli.h  |  5 +++
+ 2 files changed, 101 insertions(+)
+
+diff --git a/source4/libcli/clifile.c b/source4/libcli/clifile.c
+index 19288247c44..f013a5653bb 100644
+--- a/source4/libcli/clifile.c
++++ b/source4/libcli/clifile.c
+@@ -23,6 +23,7 @@
+ #include "system/filesys.h"
+ #include "libcli/raw/libcliraw.h"
+ #include "libcli/libcli.h"
++#include "system/dir.h"
+ 
+ /****************************************************************************
+  Hard/Symlink a file (UNIX extensions).
+@@ -148,6 +149,101 @@ NTSTATUS smbcli_unlink(struct smbcli_tree *tree, const char *fname)
+ 	return smb_raw_unlink(tree, &parms);
+ }
+ 
++struct wcard_delete_state {
++	struct smbcli_tree *tree;
++	NTSTATUS status;
++	char *error_name; /* To help debugging. */
++};
++
++static void del_fn(struct clilist_file_info *finfo,
++			const char *pattern,
++			void *priv)
++{
++	NTSTATUS status;
++	union smb_unlink parms;
++	char *filename = NULL;
++	char *dirname = NULL;
++	char *p = NULL;
++	struct wcard_delete_state *state = (struct wcard_delete_state *)priv;
++
++	if (ISDOT(finfo->name) || ISDOTDOT(finfo->name)) {
++		return;
++	}
++	dirname = talloc_strdup(state, pattern);
++	if (dirname == NULL) {
++		TALLOC_FREE(state->error_name);
++		state->status = NT_STATUS_NO_MEMORY;
++		return;
++	}
++	p = strrchr_m(dirname, '\\');
++	if (p != NULL) {
++		/* Remove the terminating '\' */
++		*p = '\0';
++	}
++	if (dirname0 != '\0') {
++		filename = talloc_asprintf(dirname,
++					   "%s\\%s",
++					   dirname,
++					   finfo->name);
++	} else {
++		filename = talloc_asprintf(dirname,
++					   "%s",
++					   finfo->name);
++	}
++	if (filename == NULL) {
++		TALLOC_FREE(dirname);
++		TALLOC_FREE(state->error_name);
++		state->status = NT_STATUS_NO_MEMORY;
++		return;
++	}
++	parms.unlink.in.pattern = filename;
++	parms.unlink.in.attrib = FILE_ATTRIBUTE_SYSTEM |
++				 FILE_ATTRIBUTE_HIDDEN;
++	status = smb_raw_unlink(state->tree, &parms);
++	if (NT_STATUS_IS_OK(state->status)) {
++		state->status = status;
++		if (!NT_STATUS_IS_OK(status)) {
++			/*
++			 * Save off the name we failed to
++			 * delete to help debugging.
++			 */
++			state->error_name = talloc_move(state, &filename);
++		}
++	}
++	TALLOC_FREE(dirname);
++}
++
++/****************************************************************************
++ Delete a file, possibly with a wildcard pattern.
++****************************************************************************/
++NTSTATUS smbcli_unlink_wcard(struct smbcli_tree *tree, const char *pattern)
++{
++	NTSTATUS status;
++	int ret;
++	struct wcard_delete_state *state = NULL;
++
++	if (strchr(pattern, '*') == NULL) {
++		/* No wildcard, just call smbcli_unlink(). */
++		return smbcli_unlink(tree, pattern);
++	}
++	state = talloc_zero(tree, struct wcard_delete_state);
++	if (state == NULL) {
++		return NT_STATUS_NO_MEMORY;
++	}
++	state->tree = tree;
++	ret = smbcli_list(tree,
++			  pattern,
++			  FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN,
++			  del_fn,
++			  state);
++	status = state->status;
++	TALLOC_FREE(state);
++	if (ret < 0) {
++		return NT_STATUS_UNSUCCESSFUL;
++	}
++	return status;
++}
++
+ /****************************************************************************
+  Create a directory.
+ ****************************************************************************/
+diff --git a/source4/libcli/libcli.h b/source4/libcli/libcli.h
+index 652a9f5d182..9d2a3240483 100644
+--- a/source4/libcli/libcli.h
++++ b/source4/libcli/libcli.h
+@@ -158,6 +158,11 @@ NTSTATUS smbcli_rename(struct smbcli_tree *tree, const char *fname_src,
+ ****************************************************************************/
+ NTSTATUS smbcli_unlink(struct smbcli_tree *tree, const char *fname);
+ 
++/****************************************************************************
++ Delete a wildcard pattern of files.
++****************************************************************************/
++NTSTATUS smbcli_unlink_wcard(struct smbcli_tree *tree, const char *fname);
++
+ /****************************************************************************
+  Create a directory.
+ ****************************************************************************/
+-- 
+2.25.1
+
+
+From cf661f306afaf66feeea11bb2d9e7f7e3c988914 Mon Sep 17 00:00:00 2001
+From: Jeremy Allison <jra@samba.org>
+Date: Thu, 2 Dec 2021 12:10:14 -0800
+Subject: PATCH 09/99 CVE-2021-44141: s4: libcli: In smbcli_deltree() use
+ smbcli_unlink_wcard() in place of smbcli_unlink().
+
+We know we have a wildcard mask here.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14911
+
+Signed-off-by: Jeremy Allison <jra@samba.org>
+Reviewed-by: Ralph Boehme <slow@samba.org>
+---
+ source4/libcli/clideltree.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/source4/libcli/clideltree.c b/source4/libcli/clideltree.c
+index 01b33313213..3e4f9fb834f 100644
+--- a/source4/libcli/clideltree.c
++++ b/source4/libcli/clideltree.c
+@@ -119,7 +119,7 @@ int smbcli_deltree(struct smbcli_tree *tree, const char *dname)
+ 	if (asprintf(&mask, "%s\\*", dname) < 0) {
+ 		return -1;
+ 	}
+-	smbcli_unlink(dstate.tree, mask);
++	smbcli_unlink_wcard(dstate.tree, mask);
+ 	smbcli_list(dstate.tree, mask, 
+ 		 FILE_ATTRIBUTE_DIRECTORY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM, 
+ 		 delete_fn, &dstate);
+-- 
+2.25.1
+
+
+From a0fd6cd62f3d773371fa5f460306a562e524e6eb Mon Sep 17 00:00:00 2001
+From: Jeremy Allison <jra@samba.org>
+Date: Thu, 2 Dec 2021 12:08:49 -0800
+Subject: PATCH 10/99 CVE-2021-44141: s4: torture: In raw.notify test use
+ smbcli_unlink_wcard() in place of smbcli_unlink().
+
+We know we have a wildcard mask here.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14911
+
+Signed-off-by: Jeremy Allison <jra@samba.org>
+Reviewed-by: Ralph Boehme <slow@samba.org>
+---

_service Changed