This is what happens when you let young developers write Linux code - no clue how to do memory management and garbage collection.
Samba needs two patches, unless you're happy for SMB servers to dance for evildoers
It’s time to patch Samba again - or turn off SAMBA 1, which is never as easy as it sounds. The lid came off the issue a couple of days ago, when the big Linux distributions (Red Hat, Ubuntu, Debian and so on) rolled out fixes for a use-after-free error affecting all versions of SAMBA since 4.0 (published in 2012). The bug …
COMMENTS
-
Thursday 23rd November 2017 10:30 GMT Anonymous Coward
@Warm Brew.
Oh, I see, so instead of teaching developers about memory management etc, you think we should only let them code using tools that protect them from it and hide it all away, so they never have to bother about it?
Who writes the tools for the developers who write the tools? Do they need to know about garbage collection?
-
Thursday 23rd November 2017 11:39 GMT FIA
Oh, I see, so instead of teaching developers about memory management etc, you think we should only let them code using tools that protect them from it and hide it all away, so they never have to bother about it?
You missed the point. It isn't that you shouldn't teach these things, it's that if there's scope for mistakes to be made, then eventually there will be mistakes made. (True of life in general, not just software engineering).
Experience just means you know this. (and work/plan accordingly). No one suggested programmers shouldn't know about memory management and similar, just that they should be aware that people make mistakes.
-
Thursday 23rd November 2017 17:26 GMT bombastic bob
re:write code with tools that don't provide safe methods for memory management and garbage coll...
"Oh, I would like to see JSamba - 128GB of RAM to share a couple of files... and good luck at managing the message headers."
yeah, THAT would "fix it"!
Considering that Java has no 'unsigned' data type, even... *nausea* (/me reaches for "pink liquid")
it could ONLY be worse if it were coded in PYTHON! (well, maybe COULD be worse than that, but I don't see it)
-
Thursday 23rd November 2017 13:04 GMT Hans 1
This is what happens when you let young developers write Linux code - no clue how to do memory management and garbage collection.
1. Samba is not Linux, it is userland stuff that runs atop Linux and various other OSes
2. Pure C is better, harder to get right, but better.
Now, if you want to understand what is going on in Linux development, eat this:
https://www.youtube.com/watch?v=vyenmLqJQjs
Go, watch, and think!
Icon => pints for Greg, Andrew, and Linus!
-
Thursday 23rd November 2017 17:20 GMT bombastic bob
"no clue how to do memory management and garbage collection."
REAL programmers do not NEED to do "garbage collection". They understand that for every 'malloc' or 'new', there must be a 'free' or 'delete'. And buffer sizes must be CHECKED. etc.
"garbage collection" is for those weenies who insist on using duck-typed languages. Or Java. *nausea*
-
Thursday 23rd November 2017 17:51 GMT Jeremy Allison
"REAL programmers do not NEED to do "garbage collection". They understand that for every 'malloc' or 'new', there must be a 'free' or 'delete'. And buffer sizes must be CHECKED. etc."
Samba uses the talloc library (invented locally) for this purpose. Check out https://talloc.samba.org/talloc/doc/html/index.html . It's a really nice piece of code which has stack/heap smashing protections etc. Lots of non-Samba code in Red Hat/Fedora also uses it.
Buffer overruns are harder, for much of SMB1/2/3 it's hard to auto-generate, as the protocol isn't defined in an interface definition language. Our DCE-RPC code is auto-generated and buffer overrun checked, as our IDL compiler (pidl) does this for us.
Unfortunately, due to C, these kinds of bugs will always be with us. All we can do is be eternally vigilant and review everything.
-
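An added illustration (not Samba code and not pidl output) of the per-field bounds checking the comment above describes: a length read from the wire is checked against the bytes remaining and against the destination before anything is copied. `pull_ctx`, `pull_blob`, `parse_demo` and the sample messages are hypothetical, constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical cursor over an untrusted wire buffer (illustrative names). */
struct pull_ctx { const uint8_t *data; size_t len; size_t off; };

/* True only if 'need' more bytes remain; written so off + need cannot wrap. */
static int pull_need(const struct pull_ctx *p, size_t need)
{
    return p->off <= p->len && need <= p->len - p->off;
}

/* Pull a little-endian u16 length, then that many bytes, into dst. */
static int pull_blob(struct pull_ctx *p, uint8_t *dst, size_t dst_size, size_t *out_len)
{
    size_t n;
    if (!pull_need(p, 2)) return -1;   /* the length prefix itself must fit */
    n = (size_t)p->data[p->off] | ((size_t)p->data[p->off + 1] << 8);
    /* Claimed length is checked against the input left AND the destination. */
    if (n > p->len - p->off - 2 || n > dst_size) return -1;
    memcpy(dst, p->data + p->off + 2, n);
    p->off += 2 + n;                   /* advance only after every check passed */
    *out_len = n;
    return 0;
}

/* Constructed samples: prefix 3 with 3 bytes; prefix 0x0400 with only 2 bytes. */
static const uint8_t msg_ok[]  = { 0x03, 0x00, 'a', 'b', 'c' };
static const uint8_t msg_bad[] = { 0x00, 0x04, 'a', 'b' };

/* Returns bytes copied, or -1 when a bounds check rejects the message. */
static int parse_demo(const uint8_t *buf, size_t len)
{
    struct pull_ctx p = { buf, len, 0 };
    uint8_t dst[16];
    size_t n = 0;
    return pull_blob(&p, dst, sizeof(dst), &n) == 0 ? (int)n : -1;
}

int main(void)
{
    printf("ok=%d bad=%d\n", parse_demo(msg_ok, sizeof(msg_ok)),
           parse_demo(msg_bad, sizeof(msg_bad)));
    return 0;
}
```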
-
Thursday 23rd November 2017 23:11 GMT Alan Brown
"NFS is a simpler protocol, but not necessarily higher performing. "
*shuddering memories of PC-NFS on DOS boxes and Windows 3/95.
There's a more prosaic problem with NFS on Linux boxes - it doesn't play nice with _anything_ else touching the same areas of the filesystem due to the way it's coded and lives in kernel-space (I was one of the misguided people who helped make it that way more than 20 years ago due to the abysmal userland performance(*) and I'm a mere spring chicken at 51)
Ganesha attempts to make up for things, but it's not easy to get running.
(*) it was less than 20% of the speed of the SunOS NFS server on equivalent hardware.
-
Thursday 23rd November 2017 17:36 GMT Jeremy Allison
Error in the article text.
It states: "Samba's developers have detected exploits", that should be "Samba's developers have *NOT* detected exploits", because we haven't.
Never say never, but I can't see a way to exploit this (not that I'm an exploit expert). But better to fix than leave any possibility around.