1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
#
# Description: Fix potential access to the root filesystem when using an
# empty string share name.
# Patch: http://us3.samba.org/samba/ftp/patches/security/samba-3.2.6-CVE-2009-0022.patch
#
Index: samba-3.2.3/source/smbd/service.c
===================================================================
--- samba-3.2.3.orig/source/smbd/service.c 2009-01-05 08:07:08.000000000 -0500
+++ samba-3.2.3/source/smbd/service.c 2009-01-05 08:08:06.000000000 -0500
@@ -235,6 +235,10 @@
return -1;
}
+ if ((servicename == NULL) || (*servicename == '\0')) {
+ return -1;
+ }
+
if (strequal(servicename, GLOBAL_NAME)) {
return -2;
}
|