Assmann Phillip
2023-Jan-11 23:59 UTC
[Samba] v4.17.4 (from source): vfs_virusfilter with clamav dumps core on file access
Hi Jeremy, your patch works flawlessly! Access is possible, scanning also works now: Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88287]: Initialising custom vfs hooks from [virusfilter] Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88287]: load_module_absolute_path: Module '/usr/local/samba/lib/vfs/virusfilter.so' loaded Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88286]: [2023/01/12 00:56:24.456725, 0] ../../source3/modules/vfs_virusfilter.c:1172(virusfilter_scan) Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88286]: virusfilter_scan: Scan result: Infected: /zfs/tank/share/Wiki/eicar: Eicar-Signature Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88286]: [2023/01/12 00:56:24.457847, 1] ../../source3/modules/vfs_virusfilter.c:964(virusfilter_treat_infected_file) Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88286]: virusfilter_treat_infected_file: Infected file action: /zfs/tank/share/Wiki/eicar: delete Thanks for your help, let me know if I can do anything to get this fixed in master. Phillip Assmann System Administrator InitiativGruppe e.V. ________________________________ From: Jeremy Allison <jra at samba.org> Sent: Thursday, January 12, 2023 12:21:08 AM To: Assmann Phillip Cc: samba at lists.samba.org Subject: Re: [Samba] v4.17.4 (from source): vfs_virusfilter with clamav dumps core on file access On Wed, Jan 11, 2023 at 10:53:10PM +0000, Assmann Phillip via samba wrote:>Hi everyone! >On compiling the latest Samba v4.17.4 with module vfs_virusfilter from source, using the following details: >- OS: Rocky Linux 9.1, Kernel 5.14.0 >- Configuration: CPPFLAGS="-I/usr/include/tirpc" LDFLAGS="-ltirpc" ./configure --with-shared-modules=idmap_rid,idmap_ad,idmap_adex,idmap_hash,idmap_ldap,idmap_tdb2,vfs_dfs_samba4,auth_samba4,vfs_nfs4acl_xattr,vfs_shadow_copy2,vfs_virusfilter --with-systemd --systemd-install-services --enable-selftest >- ClamAV installed via: dnf install clamav clamd clamav-update > - configured with: LocalSocket /run/clamd.scan/clamd.sock in /etc/clamd.d/scan.conf (clamscan is working, albeit a bit slow) >- SMB Configured with: >### truncated smb.conf ### >security = ads >realm = IG.INITIATIVGRUPPE.DE >workgroup = IG >vfs objects = nfs4acl_xattr shadow_copy2 virusfilter >nfs4acl_xattr:xattr_name = user.nfs4acl_ndr >nfs4acl_xattr:default acl style = windows >nfs4acl_xattr:validate_mode = No >virusfilter:socket path = /run/clamd.scan/clamd.sock >virusfilter:scanner = clamav >virusfilter:infected file action = delete >virusfilter:scan on open = No >virusfilter:scan on close = Yes >### end smb.conf ### > >when accessing any file or folder via SMB, it hangs for a few seconds and then dumps core: >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: 192.168.30.252 (ipv4:192.168.30.252:53401) signed connect to service Share initially as user IG/t.user (uid=3000017, gid=3000000) (pid 45790) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: [2023/01/11 22:58:24.449799, 0] ../../lib/util/fault.c:173(smb_panic_log) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: ==============================================================>Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: [2023/01/11 22:58:24.449991, 0] ../../lib/util/fault.c:174(smb_panic_log) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: INTERNAL ERROR: Signal 11: Speicherzugriffsfehler in pid 45790 (4.17.4) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: [2023/01/11 22:58:24.450251, 0] ../../lib/util/fault.c:178(smb_panic_log) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: [2023/01/11 22:58:24.450315, 0] ../../lib/util/fault.c:183(smb_panic_log) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: ==============================================================>Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: [2023/01/11 22:58:24.450371, 0] ../../lib/util/fault.c:184(smb_panic_log) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: PANIC (pid 45790): Signal 11: Speicherzugriffsfehler in 4.17.4 >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: [2023/01/11 22:58:24.450640, 0] ../../lib/util/fault.c:292(log_stack_trace) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: BACKTRACE: 40 stack frames: >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #0 /usr/local/samba/lib/private/libgenrand-samba4.so(log_stack_trace+0x1f) [0x7f0c7b673a26] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #1 /usr/local/samba/lib/private/libgenrand-samba4.so(smb_panic_log+0x1d9) [0x7f0c7b6739ba] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #2 /usr/local/samba/lib/private/libgenrand-samba4.so(smb_panic+0x18) [0x7f0c7b6739d5] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #3 /usr/local/samba/lib/private/libgenrand-samba4.so(+0x14d0) [0x7f0c7b6734d0] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #4 /usr/local/samba/lib/private/libgenrand-samba4.so(+0x14e5) [0x7f0c7b6734e5] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #5 /lib64/libc.so.6(+0x54d90) [0x7f0c7b472d90] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #6 /usr/local/samba/lib/vfs/virusfilter.so(+0xcbf3) [0x7f0c7624bbf3] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #7 /usr/local/samba/lib/private/libsmbd-base-samba4.so(smb_vfs_call_close+0x50) [0x7f0c7bb2891f] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #8 /usr/local/samba/lib/private/libsmbd-base-samba4.so(fd_close+0xca) [0x7f0c7bb0fd16] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #9 /usr/local/samba/lib/private/libsmbd-base-samba4.so(openat_pathref_dirfsp_nosymlink+0x1283) [0x7f0c7bad9a05] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #10 /usr/local/samba/lib/private/libsmbd-base-samba4.so(+0x908cc) [0x7f0c7bb0c8cc] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #11 /usr/local/samba/lib/private/libsmbd-base-samba4.so(filename_convert_dirfsp+0x98) [0x7f0c7bb0d423] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #12 /usr/local/samba/lib/private/libsmbd-base-samba4.so(+0xee11e) [0x7f0c7bb6a11e] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #13 /usr/local/samba/lib/private/libsmbd-base-samba4.so(smbd_smb2_request_process_create+0x726) [0x7f0c7bb67e1d] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #14 /usr/local/samba/lib/private/libsmbd-base-samba4.so(smbd_smb2_request_dispatch+0x157d) [0x7f0c7bb59751] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #15 /usr/local/samba/lib/private/libsmbd-base-samba4.so(+0xe2617) [0x7f0c7bb5e617] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #16 /usr/local/samba/lib/private/libsmbd-base-samba4.so(+0xe2723) [0x7f0c7bb5e723] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #17 /usr/local/samba/lib/private/libtevent-samba4.so(tevent_common_invoke_fd_handler+0x121) [0x7f0c7b8964c7] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #18 /usr/local/samba/lib/private/libtevent-samba4.so(+0x1227b) [0x7f0c7b8a127b] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #19 /usr/local/samba/lib/private/libtevent-samba4.so(+0x128db) [0x7f0c7b8a18db] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #20 /usr/local/samba/lib/private/libtevent-samba4.so(+0xf1ea) [0x7f0c7b89e1ea] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #21 /usr/local/samba/lib/private/libtevent-samba4.so(_tevent_loop_once+0x113) [0x7f0c7b895229] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #22 /usr/local/samba/lib/private/libtevent-samba4.so(tevent_common_loop_wait+0x25) [0x7f0c7b895550] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #23 /usr/local/samba/lib/private/libtevent-samba4.so(+0xf28f) [0x7f0c7b89e28f] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #24 /usr/local/samba/lib/private/libtevent-samba4.so(_tevent_loop_wait+0x2b) [0x7f0c7b8955f3] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #25 /usr/local/samba/lib/private/libsmbd-base-samba4.so(smbd_process+0xd59) [0x7f0c7bb40414] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #26 /usr/local/samba/sbin/smbd(+0x94c1) [0x5565904834c1] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #27 /usr/local/samba/lib/private/libtevent-samba4.so(tevent_common_invoke_fd_handler+0x121) [0x7f0c7b8964c7] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #28 /usr/local/samba/lib/private/libtevent-samba4.so(+0x1227b) [0x7f0c7b8a127b] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #29 /usr/local/samba/lib/private/libtevent-samba4.so(+0x128db) [0x7f0c7b8a18db] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #30 /usr/local/samba/lib/private/libtevent-samba4.so(+0xf1ea) [0x7f0c7b89e1ea] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #31 /usr/local/samba/lib/private/libtevent-samba4.so(_tevent_loop_once+0x113) [0x7f0c7b895229] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #32 /usr/local/samba/lib/private/libtevent-samba4.so(tevent_common_loop_wait+0x25) [0x7f0c7b895550] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #33 /usr/local/samba/lib/private/libtevent-samba4.so(+0xf28f) [0x7f0c7b89e28f] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #34 /usr/local/samba/lib/private/libtevent-samba4.so(_tevent_loop_wait+0x2b) [0x7f0c7b8955f3] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #35 /usr/local/samba/sbin/smbd(+0xa17f) [0x55659048417f] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #36 /usr/local/samba/sbin/smbd(main+0x1835) [0x5565904862d3] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #37 /lib64/libc.so.6(+0x3feb0) [0x7f0c7b45deb0] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #38 /lib64/libc.so.6(__libc_start_main+0x80) [0x7f0c7b45df60] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: #39 /usr/local/samba/sbin/smbd(_start+0x25) [0x55659047fdf5] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: [2023/01/11 22:58:24.451808, 0] ../../source3/lib/util.c:702(smb_panic_s3) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: smb_panic(): calling panic action [/usr/share/samba/panic-action 45790] >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: [2023/01/11 22:58:24.453503, 0] ../../source3/lib/util.c:709(smb_panic_s3) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: smb_panic(): action returned status 127 >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: [2023/01/11 22:58:24.453584, 0] ../../source3/lib/dumpcore.c:317(dump_core) >Jan 11 22:58:24 fileserver.ig.initiativgruppe.de smbd[45790]: coredump is handled by helper binary specified at /proc/sys/kernel/core_pattern > >Core File GDB: > >(gdb) where >#0 0x00007fd13042e54c in __pthread_kill_implementation () from /lib64/libc.so.6 >#1 0x00007fd1303e1ce6 in raise () from /lib64/libc.so.6 >#2 0x00007fd1303b57f3 in abort () from /lib64/libc.so.6 >#3 0x00007fd1308e3b52 in dump_core () at ../../source3/lib/dumpcore.c:338 >#4 0x00007fd1308f53a8 in smb_panic_s3 (why=0x7ffefab23250 "Signal 11: Speicherzugriffsfehler") at ../../source3/lib/util.c:713 >#5 0x00007fd1305e29f1 in smb_panic (why=0x7ffefab23250 "Signal 11: Speicherzugriffsfehler") at ../../lib/util/fault.c:198 >#6 0x00007fd1305e24d0 in fault_report (sig=11) at ../../lib/util/fault.c:82 >#7 0x00007fd1305e24e5 in sig_fault (sig=11) at ../../lib/util/fault.c:93 >#8 <signal handler called> >#9 virusfilter_vfs_close (handle=0x55cc6672a320, fsp=0x55cc66728b30) at ../../source3/modules/vfs_virusfilter.c:1423 >#10 0x00007fd130a9791f in smb_vfs_call_close (handle=0x55cc6672a320, fsp=0x55cc66728b30) at ../../source3/smbd/vfs.c:1760 >#11 0x00007fd130a7ed16 in fd_close (fsp=0x55cc66728b30) at ../../source3/smbd/open.c:1018 >#12 0x00007fd130a48a05 in openat_pathref_dirfsp_nosymlink (mem_ctx=0x55cc66715ec0, conn=0x55cc66720680, path_in=0x55cc66735610 "Wiki/Intranet", twrp=0, _smb_fname=0x7ffefab23d18, unparsed=0x7ffefab23cd8, > substitute=0x7ffefab23ce0) at ../../source3/smbd/files.c:1058 >#13 0x00007fd130a7b8cc in filename_convert_dirfsp_nosymlink (mem_ctx=0x55cc66715ec0, conn=0x55cc66720680, name_in=0x55cc66716310 "Wiki/Intranet/OE", ucf_flags=0, twrp=0, _dirfsp=0x7ffefab240c0, > _smb_fname=0x7ffefab240b8, _substitute=0x7ffefab23de0, _unparsed=0x7ffefab23dd0) at ../../source3/smbd/filename.c:1156 >#14 0x00007fd130a7c423 in filename_convert_dirfsp (mem_ctx=0x55cc66715ec0, conn=0x55cc66720680, name_in=0x55cc66716310 "Wiki/Intranet/OE", ucf_flags=0, twrp=0, _dirfsp=0x7ffefab240c0, _smb_fname=0x7ffefab240b8) > at ../../source3/smbd/filename.c:1461 >#15 0x00007fd130ad911e in smbd_smb2_create_send (mem_ctx=0x55cc66715630, ev=0x55cc666eb890, smb2req=0x55cc66715630, in_oplock_level=0 '\000', in_impersonation_level=2, in_desired_access=128, > in_file_attributes=0, in_share_access=7, in_create_disposition=1, in_create_options=2097152, in_name=0x55cc66715a40 "Wiki\\Intranet\\OE", in_context_blobs=...) at ../../source3/smbd/smb2_create.c:976 >#16 0x00007fd130ad6e1d in smbd_smb2_request_process_create (smb2req=0x55cc66715630) at ../../source3/smbd/smb2_create.c:270 >#17 0x00007fd130ac8751 in smbd_smb2_request_dispatch (req=0x55cc66715630) at ../../source3/smbd/smb2_server.c:3399 >#18 0x00007fd130acd617 in smbd_smb2_io_handler (xconn=0x55cc66714fe0, fde_flags=1) at ../../source3/smbd/smb2_server.c:5008 >#19 0x00007fd130acd723 in smbd_smb2_connection_handler (ev=0x55cc666eb890, fde=0x55cc66717ab0, flags=1, private_data=0x55cc66714fe0) at ../../source3/smbd/smb2_server.c:5046 >#20 0x00007fd1308054c7 in tevent_common_invoke_fd_handler (fde=0x55cc66717ab0, flags=1, removed=0x0) at ../../lib/tevent/tevent_fd.c:142 >#21 0x00007fd13081027b in epoll_event_loop (epoll_ev=0x55cc66713540, tvalp=0x7ffefab24550) at ../../lib/tevent/tevent_epoll.c:737 >#22 0x00007fd1308108db in epoll_event_loop_once (ev=0x55cc666eb890, location=0x7fd130ba2c68 "../../source3/smbd/smb2_process.c:2015") at ../../lib/tevent/tevent_epoll.c:938 >#23 0x00007fd13080d1ea in std_event_loop_once (ev=0x55cc666eb890, location=0x7fd130ba2c68 "../../source3/smbd/smb2_process.c:2015") at ../../lib/tevent/tevent_standard.c:110 >#24 0x00007fd130804229 in _tevent_loop_once (ev=0x55cc666eb890, location=0x7fd130ba2c68 "../../source3/smbd/smb2_process.c:2015") at ../../lib/tevent/tevent.c:825 >#25 0x00007fd130804550 in tevent_common_loop_wait (ev=0x55cc666eb890, location=0x7fd130ba2c68 "../../source3/smbd/smb2_process.c:2015") at ../../lib/tevent/tevent.c:948 >#26 0x00007fd13080d28f in std_event_loop_wait (ev=0x55cc666eb890, location=0x7fd130ba2c68 "../../source3/smbd/smb2_process.c:2015") at ../../lib/tevent/tevent_standard.c:141 >#27 0x00007fd1308045f3 in _tevent_loop_wait (ev=0x55cc666eb890, location=0x7fd130ba2c68 "../../source3/smbd/smb2_process.c:2015") at ../../lib/tevent/tevent.c:967 >#28 0x00007fd130aaf414 in smbd_process (ev_ctx=0x55cc666eb890, msg_ctx=0x55cc666e5300, sock_fd=33, interactive=false) at ../../source3/smbd/smb2_process.c:2015 >#29 0x000055cc662514c1 in smbd_accept_connection (ev=0x55cc666eb890, fde=0x55cc66713740, flags=1, private_data=0x55cc667136b0) at ../../source3/smbd/server.c:1037 >#30 0x00007fd1308054c7 in tevent_common_invoke_fd_handler (fde=0x55cc66713740, flags=1, removed=0x0) at ../../lib/tevent/tevent_fd.c:142 >#31 0x00007fd13081027b in epoll_event_loop (epoll_ev=0x55cc666fa4a0, tvalp=0x7ffefab24900) at ../../lib/tevent/tevent_epoll.c:737 >#32 0x00007fd1308108db in epoll_event_loop_once (ev=0x55cc666eb890, location=0x55cc66256888 "../../source3/smbd/server.c:1381") at ../../lib/tevent/tevent_epoll.c:938 >#33 0x00007fd13080d1ea in std_event_loop_once (ev=0x55cc666eb890, location=0x55cc66256888 "../../source3/smbd/server.c:1381") at ../../lib/tevent/tevent_standard.c:110 >#34 0x00007fd130804229 in _tevent_loop_once (ev=0x55cc666eb890, location=0x55cc66256888 "../../source3/smbd/server.c:1381") at ../../lib/tevent/tevent.c:825 >#35 0x00007fd130804550 in tevent_common_loop_wait (ev=0x55cc666eb890, location=0x55cc66256888 "../../source3/smbd/server.c:1381") at ../../lib/tevent/tevent.c:948 >#36 0x00007fd13080d28f in std_event_loop_wait (ev=0x55cc666eb890, location=0x55cc66256888 "../../source3/smbd/server.c:1381") at ../../lib/tevent/tevent_standard.c:141 >#37 0x00007fd1308045f3 in _tevent_loop_wait (ev=0x55cc666eb890, location=0x55cc66256888 "../../source3/smbd/server.c:1381") at ../../lib/tevent/tevent.c:967 >#38 0x000055cc6625217f in smbd_parent_loop (ev_ctx=0x55cc666eb890, parent=0x55cc666f9b20) at ../../source3/smbd/server.c:1381 >#39 0x000055cc662542d3 in main (argc=5, argv=0x7ffefab24ea8) at ../../source3/smbd/server.c:2125 >(gdb) > > Thanks in advance,Thanks Phillip, The gdb backtrace helps. The error is occurring due to this code in openat_pathref_dirfsp_nosymlink(). 1055 if (dirfsp != conn->cwd_fsp) { 1056 dirfsp->fsp_name = NULL; 1057 SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1); 1058 fd_close(dirfsp); 1059 file_free(NULL, dirfsp); 1060 dirfsp = NULL; 1061 } Note line 1056 which sets dirfsp->fsp_name = NULL. Then inside virusfilter_vfs_close() we have: 1412 static int virusfilter_vfs_close( 1413 struct vfs_handle_struct *handle, 1414 files_struct *fsp) 1415 { 1416 /* 1417 * The name of this variable is for consistency. If API changes to 1418 * match _open change to cwd_fname as in virusfilter_vfs_open. 1419 */ 1420 const char *cwd_fname = handle->conn->connectpath; 1421 1422 struct virusfilter_config *config = NULL; 1423 char *fname = fsp->fsp_name->base_name; 1424 int close_result = -1; 1425 int close_errno = 0; 1426 virusfilter_result scan_result; 1427 int scan_errno = 0; 1428 1429 SMB_VFS_HANDLE_GET_DATA(handle, config, 1430 struct virusfilter_config, return -1); Note line 1423: char *fname = fsp->fsp_name->base_name; As we've just set fsp_name == NULL in the caller, we crash here. Can you try the following (untested) patch. I'm not sure it's correct, but might get you going whilst we investigate further. ------------------------------------------------- diff --git a/source3/modules/vfs_virusfilter.c b/source3/modules/vfs_virusfilter.c index 124b4091c1b..8df7d98b9e0 100644 --- a/source3/modules/vfs_virusfilter.c +++ b/source3/modules/vfs_virusfilter.c @@ -1420,7 +1420,7 @@ static int virusfilter_vfs_close( const char *cwd_fname = handle->conn->connectpath; struct virusfilter_config *config = NULL; - char *fname = fsp->fsp_name->base_name; + char *fname = NULL; int close_result = -1; int close_errno = 0; virusfilter_result scan_result; @@ -1439,6 +1439,13 @@ static int virusfilter_vfs_close( close_errno = errno; } + if (fsp->fsp_flags.is_directory) { + DBG_INFO("Not scanned: Directory: %s/\n", cwd_fname); + return close_result; + } + + fname = fsp->fsp_name->base_name; + /* * Return immediately if close_result == -1, and close_errno == EBADF. * If close failed, file likely doesn't exist, do not try to scan. @@ -1453,11 +1460,6 @@ static int virusfilter_vfs_close( goto virusfilter_vfs_close_fail; } - if (fsp->fsp_flags.is_directory) { - DBG_INFO("Not scanned: Directory: %s/\n", cwd_fname); - return close_result; - } - if (fsp_is_alternate_stream(fsp)) { if (config->scan_on_open && fsp->fsp_flags.modified) { if (config->cache) { ------------------------------------------------- -- This email was Malware checked by UTM 9. http://www.sophos.com
Jeremy Allison
2023-Jan-12 00:04 UTC
[Samba] v4.17.4 (from source): vfs_virusfilter with clamav dumps core on file access
On Wed, Jan 11, 2023 at 11:59:22PM +0000, Assmann Phillip via samba wrote:>Hi Jeremy, > > >your patch works flawlessly! Access is possible, scanning also works now: > > >Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88287]: Initialising custom vfs hooks from [virusfilter] >Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88287]: load_module_absolute_path: Module '/usr/local/samba/lib/vfs/virusfilter.so' loaded >Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88286]: [2023/01/12 00:56:24.456725, 0] ../../source3/modules/vfs_virusfilter.c:1172(virusfilter_scan) >Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88286]: virusfilter_scan: Scan result: Infected: /zfs/tank/share/Wiki/eicar: Eicar-Signature >Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88286]: [2023/01/12 00:56:24.457847, 1] ../../source3/modules/vfs_virusfilter.c:964(virusfilter_treat_infected_file) >Jan 12 00:56:24 fileserver.ig.initiativgruppe.de smbd[88286]: virusfilter_treat_infected_file: Infected file action: /zfs/tank/share/Wiki/eicar: delete > > >Thanks for your help, let me know if I can do anything to get this fixed in master.Can you log a bug for me at bugzilla.samba.org with the backtrace uploaded please ? I'm working on an MR for gitlab right now. Thanks, Jeremy.