summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2006-04-18 13:06:49 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:04:10 -0500
commit73b385d3c42d203dac8df7f5300df81d4f8fdebc (patch)
tree8d1264da8a82a32701a198bb13c1918579a8ead4
parentacc051674226d60a4d9739d883b2261ce98d651c (diff)
downloadsamba-73b385d3c42d203dac8df7f5300df81d4f8fdebc.tar.gz
samba-73b385d3c42d203dac8df7f5300df81d4f8fdebc.tar.bz2
samba-73b385d3c42d203dac8df7f5300df81d4f8fdebc.zip
r15122: test what access masks are needed when using the FLAGS2_READ_PERMIT_EXECUTE
flag. metze (This used to be commit d298e4760c1edf49f3c935304b466ba04989c32b)
-rw-r--r--source4/torture/raw/read.c174
1 files changed, 159 insertions, 15 deletions
diff --git a/source4/torture/raw/read.c b/source4/torture/raw/read.c
index 8c257462f2..1be2503fa0 100644
--- a/source4/torture/raw/read.c
+++ b/source4/torture/raw/read.c
@@ -710,6 +710,160 @@ done:
return ret;
}
+/*
+ test read for execute
+*/
+static BOOL test_read_for_execute(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
+{
+ union smb_open op;
+ union smb_write wr;
+ union smb_read rd;
+ NTSTATUS status;
+ BOOL ret = True;
+ int fnum;
+ uint8_t *buf;
+ const int maxsize = 900;
+ const char *fname = BASEDIR "\\test.txt";
+ const uint8_t data[] = "TEST DATA";
+
+ buf = talloc_zero_size(mem_ctx, maxsize);
+
+ if (!torture_setup_dir(cli, BASEDIR)) {
+ return False;
+ }
+
+ printf("Testing RAW_READ_READX with read_for_execute\n");
+
+ op.generic.level = RAW_OPEN_NTCREATEX;
+ op.ntcreatex.in.root_fid = 0;
+ op.ntcreatex.in.flags = 0;
+ op.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ op.ntcreatex.in.create_options = 0;
+ op.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
+ op.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
+ op.ntcreatex.in.alloc_size = 0;
+ op.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
+ op.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
+ op.ntcreatex.in.security_flags = 0;
+ op.ntcreatex.in.fname = fname;
+ status = smb_raw_open(cli->tree, mem_ctx, &op);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ fnum = op.ntcreatex.out.file.fnum;
+
+ wr.generic.level = RAW_WRITE_WRITEX;
+ wr.writex.in.file.fnum = fnum;
+ wr.writex.in.offset = 0;
+ wr.writex.in.wmode = 0;
+ wr.writex.in.remaining = 0;
+ wr.writex.in.count = ARRAY_SIZE(data);
+ wr.writex.in.data = data;
+ status = smb_raw_write(cli->tree, &wr);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ CHECK_VALUE(wr.writex.out.nwritten, ARRAY_SIZE(data));
+
+ status = smbcli_close(cli->tree, fnum);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ printf("open file with SEC_FILE_EXECUTE\n");
+ op.generic.level = RAW_OPEN_NTCREATEX;
+ op.ntcreatex.in.root_fid = 0;
+ op.ntcreatex.in.flags = 0;
+ op.ntcreatex.in.access_mask = SEC_FILE_EXECUTE;
+ op.ntcreatex.in.create_options = 0;
+ op.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
+ op.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
+ op.ntcreatex.in.alloc_size = 0;
+ op.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
+ op.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
+ op.ntcreatex.in.security_flags = 0;
+ op.ntcreatex.in.fname = fname;
+ status = smb_raw_open(cli->tree, mem_ctx, &op);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ fnum = op.ntcreatex.out.file.fnum;
+
+ printf("read with FLAGS2_READ_PERMIT_EXECUTE\n");
+ rd.generic.level = RAW_READ_READX;
+ rd.readx.in.file.fnum = fnum;
+ rd.readx.in.mincnt = 0;
+ rd.readx.in.maxcnt = maxsize;
+ rd.readx.in.offset = 0;
+ rd.readx.in.remaining = 0;
+ rd.readx.in.read_for_execute = True;
+ rd.readx.out.data = buf;
+ status = smb_raw_read(cli->tree, &rd);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ CHECK_VALUE(rd.readx.out.nread, ARRAY_SIZE(data));
+ CHECK_VALUE(rd.readx.out.remaining, 0xFFFF);
+ CHECK_VALUE(rd.readx.out.compaction_mode, 0);
+
+ printf("read without FLAGS2_READ_PERMIT_EXECUTE (should fail)\n");
+ rd.generic.level = RAW_READ_READX;
+ rd.readx.in.file.fnum = fnum;
+ rd.readx.in.mincnt = 0;
+ rd.readx.in.maxcnt = maxsize;
+ rd.readx.in.offset = 0;
+ rd.readx.in.remaining = 0;
+ rd.readx.in.read_for_execute = False;
+ rd.readx.out.data = buf;
+ status = smb_raw_read(cli->tree, &rd);
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+
+ status = smbcli_close(cli->tree, fnum);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ printf("open file with SEC_FILE_READ_DATA\n");
+ op.generic.level = RAW_OPEN_NTCREATEX;
+ op.ntcreatex.in.root_fid = 0;
+ op.ntcreatex.in.flags = 0;
+ op.ntcreatex.in.access_mask = SEC_FILE_READ_DATA;
+ op.ntcreatex.in.create_options = 0;
+ op.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
+ op.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
+ op.ntcreatex.in.alloc_size = 0;
+ op.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
+ op.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
+ op.ntcreatex.in.security_flags = 0;
+ op.ntcreatex.in.fname = fname;
+ status = smb_raw_open(cli->tree, mem_ctx, &op);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ fnum = op.ntcreatex.out.file.fnum;
+
+ printf("read with FLAGS2_READ_PERMIT_EXECUTE\n");
+ rd.generic.level = RAW_READ_READX;
+ rd.readx.in.file.fnum = fnum;
+ rd.readx.in.mincnt = 0;
+ rd.readx.in.maxcnt = maxsize;
+ rd.readx.in.offset = 0;
+ rd.readx.in.remaining = 0;
+ rd.readx.in.read_for_execute = True;
+ rd.readx.out.data = buf;
+ status = smb_raw_read(cli->tree, &rd);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ CHECK_VALUE(rd.readx.out.nread, ARRAY_SIZE(data));
+ CHECK_VALUE(rd.readx.out.remaining, 0xFFFF);
+ CHECK_VALUE(rd.readx.out.compaction_mode, 0);
+
+ printf("read without FLAGS2_READ_PERMIT_EXECUTE\n");
+ rd.generic.level = RAW_READ_READX;
+ rd.readx.in.file.fnum = fnum;
+ rd.readx.in.mincnt = 0;
+ rd.readx.in.maxcnt = maxsize;
+ rd.readx.in.offset = 0;
+ rd.readx.in.remaining = 0;
+ rd.readx.in.read_for_execute = False;
+ rd.readx.out.data = buf;
+ status = smb_raw_read(cli->tree, &rd);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ CHECK_VALUE(rd.readx.out.nread, ARRAY_SIZE(data));
+ CHECK_VALUE(rd.readx.out.remaining, 0xFFFF);
+ CHECK_VALUE(rd.readx.out.compaction_mode, 0);
+
+done:
+ smbcli_close(cli->tree, fnum);
+ smbcli_deltree(cli->tree, BASEDIR);
+ return ret;
+}
+
/*
basic testing of read calls
@@ -726,21 +880,11 @@ BOOL torture_raw_read(struct torture_context *torture)
mem_ctx = talloc_init("torture_raw_read");
- if (!test_read(cli, mem_ctx)) {
- ret = False;
- }
-
- if (!test_readx(cli, mem_ctx)) {
- ret = False;
- }
-
- if (!test_lockread(cli, mem_ctx)) {
- ret = False;
- }
-
- if (!test_readbraw(cli, mem_ctx)) {
- ret = False;
- }
+ ret &= test_read(cli, mem_ctx);
+ ret &= test_readx(cli, mem_ctx);
+ ret &= test_lockread(cli, mem_ctx);
+ ret &= test_readbraw(cli, mem_ctx);
+ ret &= test_read_for_execute(cli, mem_ctx);
torture_close_connection(cli);
talloc_free(mem_ctx);