Bug 159019 - Share names over 32 characters cause smbd trouble
Share names over 32 characters cause smbd trouble
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: samba (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Guenther Deschner
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-05-27 16:08 EDT by Michael Brown
Modified: 2011-02-16 08:21 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Using a share name 24 to 32 characters long caused a string overflow. Share names are now permitted to be up to 32 characters long and string overflows no longer occur.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-05-11 07:26:03 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch from https://bugzilla.samba.org/show_bug.cgi?id=3703 (4.92 KB, patch)
2007-04-24 03:32 EDT, Diego Liziero
no flags Details | Diff

  None (edit)
Description Michael Brown 2005-05-27 16:08:19 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.0.4-1.3.1 Firefox/1.0.4

Description of problem:
I had a sharename of length 33 (yes, just over :). Windows clients (tested with XP only) that had the share mounted thought there were filename restrictions on the filesystem - it couldn't create anything other than 8.3 basic filenames. XP popped up with:

Title:Rename
Contents:The drive that this file or folder is stored on does not allow long file names, or names containing blanks or any of the following characters: \/:,;*?"<>|

In the samba logs, I see:
172.21.7.50.log:  ERROR: string overflow by 1 (24 - 23) in safe_strcpy [test1_2_
3_4_5_6_7_8_9_a_b_c_d_e_f]
172.21.7.50.log:  172.21.7.50 (172.21.7.50) connect to service test1_2_3_4_5_6_7
_8_9_a_b_c_d_e_f initially as user michaelb (uid=11865, gid=100) (pid 16033)
172.21.7.50.log:  172.21.7.50 (172.21.7.50) couldn't find service test1_2_3_4_5_
6_7_8_9_a_b_c_d_e_
172.21.7.50.log:  172.21.7.50 (172.21.7.50) couldn't find service test1_2_3_4_5_
6_7_8_9_a_b_c_d_e_

Note that the filesystem has to be mounted as a drive for it to fail - browsing by UNC pathname works, but still generates the string overflow log messages.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Create a share of length >32
2. Mount it under XP
3. Try to create a filename with a space

Actual Results:  Error popup as described

Expected Results:  The file would be created

Additional info:

samba-3.0.10-1.4E
Also present in FC3
Comment 1 Diego Liziero 2007-04-24 03:32:02 EDT
Created attachment 153332 [details]
patch from https://bugzilla.samba.org/show_bug.cgi?id=3703

The bug is still present in RHEL5. With share name from 24 up to 32 char the
following error appears:

smbd[8935]: [2007/04/21 10:00:06, 0] lib/util_str.c:safe_strcpy_fn(603) 
smbd[8935]:   ERROR: string overflow by 1 (24 - 23) in safe_strcpy
[very_long_hidden_share_name$]

This patch solves these issues with long share names.
Tested on samba-3.0.23c-2.el5.2.src.rpm

Please apply.

Regards,
Diego.
Comment 2 Dmitri Pal 2010-05-10 10:26:40 EDT
Should be fixed in the latest 3.0.33 version.

Please add the test  and verify.
Comment 3 Diego Liziero 2010-05-11 06:32:55 EDT
Verified, it works with the latest 3.0.33 version.
Thank you.
Comment 4 Guenther Deschner 2010-05-11 07:26:03 EDT
Thanks for testing, closing this report.
Comment 6 Martin Prpic 2011-02-16 08:21:05 EST
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Using a share name 24 to 32 characters long caused a string overflow. Share names are now permitted to be up to 32 characters long and string overflows no longer occur.

Note You need to log in before you can comment on or make changes to this bug.