From aec246459b4c82fd666a3de20a55700008a5f831 Mon Sep 17 00:00:00 2001 From: Anand Avati Date: Sat, 27 Apr 2013 11:18:20 -0700 Subject: posix-acl: fetch ACLs in readdirplus Not fetching ACLs in readdirplus can potentially result in spurious wrong ACL decisions (which magically go away on a lookup() which populates the ACLs) Change-Id: Ided38b4d868fab482b477ce51b4878289ef9eed0 BUG: 953694 Signed-off-by: Anand Avati Reviewed-on: http://review.gluster.org/4926 Tested-by: Gluster Build System Reviewed-by: Vijay Bellur --- xlators/system/posix-acl/src/posix-acl.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'xlators/system/posix-acl/src') diff --git a/xlators/system/posix-acl/src/posix-acl.c b/xlators/system/posix-acl/src/posix-acl.c index 05d65f3d9b4..f6246d92c8a 100644 --- a/xlators/system/posix-acl/src/posix-acl.c +++ b/xlators/system/posix-acl/src/posix-acl.c @@ -1517,12 +1517,16 @@ posix_acl_readdirp (call_frame_t *frame, xlator_t *this, fd_t *fd, size_t size, off_t offset, dict_t *dict) { int ret = 0; + dict_t *alloc_dict = NULL; if (acl_permits (frame, fd->inode, POSIX_ACL_READ)) goto green; else goto red; green: + if (!dict) + dict = alloc_dict = dict_new (); + if (dict) { ret = dict_set_int8 (dict, POSIX_ACL_ACCESS_XATTR, 0); if (ret) @@ -1541,6 +1545,8 @@ green: FIRST_CHILD(this), FIRST_CHILD(this)->fops->readdirp, fd, size, offset, dict); + if (alloc_dict) + dict_unref (alloc_dict); return 0; red: STACK_UNWIND_STRICT (readdirp, frame, -1, EACCES, NULL, NULL); -- cgit