summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/lib/charcnv.c41
-rw-r--r--source3/lib/util_str.c11
-rw-r--r--source3/libsmb/ntlmssp_parse.c3
-rw-r--r--source3/nmbd/nmbd_processlogon.c99
-rw-r--r--source3/printing/nt_printing.c2
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c6
-rw-r--r--source3/smbd/filename.c4
-rw-r--r--source3/smbd/lanman.c2
-rw-r--r--source3/smbd/msdfs.c2
-rw-r--r--source3/smbd/nttrans.c24
-rw-r--r--source3/smbd/reply.c37
-rw-r--r--source3/smbd/trans2.c22
12 files changed, 179 insertions, 74 deletions
diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c
index c481c9a7e2..26581ba305 100644
--- a/source3/lib/charcnv.c
+++ b/source3/lib/charcnv.c
@@ -935,27 +935,40 @@ static size_t ucs2_align(const void *base_ptr, const void *p, int flags)
* </dl>
*
* @param dest_len the maximum length in bytes allowed in the
- * destination. If @p dest_len is -1 then no maximum is used.
+ * destination.
**/
size_t push_ascii(void *dest, const char *src, size_t dest_len, int flags)
{
size_t src_len = strlen(src);
- pstring tmpbuf;
+ char *tmpbuf = NULL;
+ size_t ret;
- /* treat a pstring as "unlimited" length */
- if (dest_len == (size_t)-1)
- dest_len = sizeof(pstring);
+ /* No longer allow a length of -1. */
+ if (dest_len == (size_t)-1) {
+ smb_panic("push_ascii - dest_len == -1");
+ return (size_t)0;
+ }
if (flags & STR_UPPER) {
- pstrcpy(tmpbuf, src);
+ tmpbuf = SMB_STRDUP(src);
+ if (!tmpbuf) {
+ smb_panic("malloc fail");
+ return (size_t)0;
+ }
strupper_m(tmpbuf);
src = tmpbuf;
}
- if (flags & (STR_TERMINATE | STR_TERMINATE_ASCII))
+ if (flags & (STR_TERMINATE | STR_TERMINATE_ASCII)) {
src_len++;
+ }
- return convert_string(CH_UNIX, CH_DOS, src, src_len, dest, dest_len, True);
+ ret = convert_string(CH_UNIX, CH_DOS, src, src_len, dest, dest_len, True);
+ SAFE_FREE(tmpbuf);
+ if (ret == (size_t)-1) {
+ return 0;
+ }
+ return ret;
}
size_t push_ascii_fstring(void *dest, const char *src)
@@ -1007,6 +1020,18 @@ size_t push_ascii_nstring(void *dest, const char *src)
return dest_len;
}
+/********************************************************************
+ Push and malloc an ascii string. src and dest null terminated.
+********************************************************************/
+
+size_t push_ascii_allocate(char **dest, const char *src)
+{
+ size_t src_len = strlen(src)+1;
+
+ *dest = NULL;
+ return convert_string_allocate(NULL, CH_UNIX, CH_DOS, src, src_len, (void **)dest, True);
+}
+
/**
* Copy a string from a dos codepage source to a unix char* destination.
*
diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c
index 36cd716462..c2eeb12544 100644
--- a/source3/lib/util_str.c
+++ b/source3/lib/util_str.c
@@ -549,9 +549,14 @@ size_t str_charnum(const char *s)
size_t str_ascii_charnum(const char *s)
{
- pstring tmpbuf2;
- push_ascii(tmpbuf2, s, sizeof(tmpbuf2), STR_TERMINATE);
- return strlen(tmpbuf2);
+ size_t ret;
+ char *tmpbuf2 = NULL;
+ if (push_ascii_allocate(&tmpbuf2, s) == (size_t)-1) {
+ return 0;
+ }
+ ret = strlen(tmpbuf2);
+ SAFE_FREE(tmpbuf2);
+ return ret;
}
BOOL trim_char(char *s,char cfront,char cback)
diff --git a/source3/libsmb/ntlmssp_parse.c b/source3/libsmb/ntlmssp_parse.c
index f17af38e8e..15739d3068 100644
--- a/source3/libsmb/ntlmssp_parse.c
+++ b/source3/libsmb/ntlmssp_parse.c
@@ -151,7 +151,8 @@ BOOL msrpc_gen(DATA_BLOB *blob,
break;
case 'C':
s = va_arg(ap, char *);
- head_ofs += push_string(NULL, blob->data+head_ofs, s, -1,
+ n = str_charnum(s) + 1;
+ head_ofs += push_string(NULL, blob->data+head_ofs, s, n,
STR_ASCII|STR_TERMINATE);
break;
}
diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c
index e837939fa3..1ba45ce8df 100644
--- a/source3/nmbd/nmbd_processlogon.c
+++ b/source3/nmbd/nmbd_processlogon.c
@@ -68,7 +68,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
DEBUG(4,("process_logon_packet: Logon from %s: code = 0x%x\n", inet_ntoa(p->ip), code));
switch (code) {
- case 0:
+ case 0:
{
fstring mach_str, user_str, getdc_str;
char *q = buf + 2;
@@ -108,7 +108,9 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
fstrcpy(reply_name, "\\\\");
fstrcat(reply_name, my_name);
- push_ascii_fstring(q, reply_name);
+ push_ascii(q,reply_name,
+ sizeof(outbuf)-PTR_DIFF(q, outbuf),
+ STR_TERMINATE);
q = skip_string(outbuf,sizeof(outbuf),q); /* PDC name */
SSVAL(q, 0, token);
@@ -116,7 +118,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
dump_data(4, (uint8 *)outbuf, PTR_DIFF(q, outbuf));
- send_mailslot(True, getdc_str,
+ send_mailslot(True, getdc_str,
outbuf,PTR_DIFF(q,outbuf),
global_myname(), 0x0,
mach_str,
@@ -132,7 +134,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
char *q = buf + 2;
char *machine = q;
- if (!lp_domain_master()) {
+ if (!lp_domain_master()) {
/* We're not Primary Domain Controller -- ignore this */
return;
}
@@ -204,7 +206,9 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
q += 2;
fstrcpy(reply_name,my_name);
- push_ascii_fstring(q, reply_name);
+ push_ascii(q, reply_name,
+ sizeof(outbuf)-PTR_DIFF(q, outbuf),
+ STR_TERMINATE);
q = skip_string(outbuf,sizeof(outbuf),q); /* PDC name */
/* PDC and domain name */
@@ -212,8 +216,15 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
/* Make a full reply */
q = ALIGN2(q, outbuf);
- q += dos_PutUniCode(q, my_name, sizeof(pstring), True); /* PDC name */
- q += dos_PutUniCode(q, lp_workgroup(),sizeof(pstring), True); /* Domain name*/
+ q += dos_PutUniCode(q, my_name,
+ sizeof(pstring) - PTR_DIFF(q, outbuf),
+ True); /* PDC name */
+ q += dos_PutUniCode(q, lp_workgroup(),
+ sizeof(pstring) - (q-outbuf),
+ True); /* Domain name*/
+ if (sizeof(pstring) - PTR_DIFF(q, outbuf) < 8) {
+ return;
+ }
SIVAL(q, 0, 1); /* our nt version */
SSVAL(q, 4, 0xffff); /* our lmnttoken */
SSVAL(q, 6, 0xffff); /* our lm20token */
@@ -349,9 +360,15 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
q += 2;
- q += dos_PutUniCode(q, reply_name,sizeof(pstring), True);
- q += dos_PutUniCode(q, ascuser, sizeof(pstring), True);
- q += dos_PutUniCode(q, lp_workgroup(),sizeof(pstring), True);
+ q += dos_PutUniCode(q, reply_name,
+ sizeof(pstring) - PTR_DIFF(q, outbuf),
+ True);
+ q += dos_PutUniCode(q, ascuser,
+ sizeof(pstring) - PTR_DIFF(q, outbuf),
+ True);
+ q += dos_PutUniCode(q, lp_workgroup(),
+ sizeof(pstring) - PTR_DIFF(q, outbuf),
+ True);
}
#ifdef HAVE_ADS
else {
@@ -366,7 +383,10 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
get_mydnsdomname(domain);
get_myname(hostname);
-
+
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 8) {
+ return;
+ }
if (SVAL(uniuser, 0) == 0) {
SIVAL(q, 0, SAMLOGON_AD_UNK_R); /* user unknown */
} else {
@@ -379,6 +399,9 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
q += 4;
/* Push Domain GUID */
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < UUID_FLAT_SIZE) {
+ return;
+ }
if (False == secrets_fetch_domain_guid(domain, &domain_guid)) {
DEBUG(2, ("Could not fetch DomainGUID for %s\n", domain));
return;
@@ -394,12 +417,20 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
q1 = q;
while ((component = strtok(dc, "."))) {
dc = NULL;
- size = push_ascii(&q[1], component, -1, 0);
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 1) {
+ return;
+ }
+ size = push_ascii(&q[1], component,
+ sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
+ 0);
SCVAL(q, 0, size);
q += (size + 1);
}
/* Unk0 */
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 4) {
+ return;
+ }
SCVAL(q, 0, 0);
q++;
@@ -409,44 +440,74 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
q += 2;
/* Hostname */
- size = push_ascii(&q[1], hostname, -1, 0);
+ size = push_ascii(&q[1], hostname,
+ sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
+ 0);
SCVAL(q, 0, size);
q += (size + 1);
+
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 3) {
+ return;
+ }
+
SCVAL(q, 0, 0xc0 | ((str_offset >> 8) & 0x3F));
SCVAL(q, 1, str_offset & 0xFF);
q += 2;
/* NETBIOS of domain */
- size = push_ascii(&q[1], lp_workgroup(), -1, STR_UPPER);
+ size = push_ascii(&q[1], lp_workgroup(),
+ sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
+ STR_UPPER);
SCVAL(q, 0, size);
q += (size + 1);
/* Unk1 */
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 2) {
+ return;
+ }
+
SCVAL(q, 0, 0);
q++;
/* NETBIOS of hostname */
- size = push_ascii(&q[1], my_name, -1, 0);
+ size = push_ascii(&q[1], my_name,
+ sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
+ 0);
SCVAL(q, 0, size);
q += (size + 1);
/* Unk2 */
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 4) {
+ return;
+ }
+
SCVAL(q, 0, 0);
q++;
/* User name */
if (SVAL(uniuser, 0) != 0) {
- size = push_ascii(&q[1], ascuser, -1, 0);
+ size = push_ascii(&q[1], ascuser,
+ sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
+ 0);
SCVAL(q, 0, size);
q += (size + 1);
}
q_orig = q;
/* Site name */
- size = push_ascii(&q[1], "Default-First-Site-Name", -1, 0);
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 1) {
+ return;
+ }
+ size = push_ascii(&q[1], "Default-First-Site-Name",
+ sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
+ 0);
SCVAL(q, 0, size);
q += (size + 1);
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 18) {
+ return;
+ }
+
/* Site name (2) */
str_offset = q - q_orig;
SCVAL(q, 0, 0xc0 | ((str_offset >> 8) & 0x3F));
@@ -467,6 +528,10 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
}
#endif
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 8) {
+ return;
+ }
+
/* tell the client what version we are */
SIVAL(q, 0, ((ntversion < 11) || (SEC_ADS != lp_security())) ? 1 : 13);
/* our ntversion */
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index 087af92955..55023823a0 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -667,7 +667,7 @@ static void driver_unix_convert(connection_struct *conn,
unix_format(name);
unix_clean_name(name);
trim_string(name,"/","/");
- unix_convert(conn, name, False, &new_name, NULL, pst);
+ unix_convert(talloc_tos(),conn, name, False, &new_name, NULL, pst);
if (new_name) {
pstrcpy(name, new_name);
}
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 4be519a9a3..5a3a78ef89 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -2048,6 +2048,7 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, struct srvsvc_NetGetFileSecur
BOOL became_user = False;
WERROR status = WERR_OK;
char *tmp_file = NULL;
+ TALLOC_CTX *ctx = talloc_tos();
ZERO_STRUCT(st);
@@ -2076,7 +2077,7 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, struct srvsvc_NetGetFileSecur
status = WERR_INVALID_PARAM;
goto error_exit;
}
- nt_status = unix_convert(conn, r->in.file, False, &tmp_file, NULL, &st);
+ nt_status = unix_convert(ctx, conn, r->in.file, False, &tmp_file, NULL, &st);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srv_net_file_query_secdesc: bad pathname %s\n", r->in.file));
status = WERR_ACCESS_DENIED;
@@ -2156,6 +2157,7 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, struct srvsvc_NetSetFileSecur
BOOL became_user = False;
WERROR status = WERR_OK;
char *tmp_file = NULL;
+ TALLOC_CTX *ctx = talloc_tos();
ZERO_STRUCT(st);
@@ -2183,7 +2185,7 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, struct srvsvc_NetSetFileSecur
status = WERR_INVALID_PARAM;
goto error_exit;
}
- nt_status = unix_convert(conn, r->in.file, False, &tmp_file, NULL, &st);
+ nt_status = unix_convert(ctx, conn, r->in.file, False, &tmp_file, NULL, &st);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srv_net_file_set_secdesc: bad pathname %s\n", r->in.file));
status = WERR_ACCESS_DENIED;
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index 27f17f9628..f15c107711 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -107,7 +107,8 @@ stat struct will be filled with zeros (and this can be detected by checking
for nlinks = 0, which can never be true for any file).
****************************************************************************/
-NTSTATUS unix_convert(connection_struct *conn,
+NTSTATUS unix_convert(TALLOC_CTX *ctx,
+ connection_struct *conn,
const char *orig_path,
BOOL allow_wcard_last_component,
char **pp_conv_path,
@@ -121,7 +122,6 @@ NTSTATUS unix_convert(connection_struct *conn,
BOOL component_was_mangled = False;
BOOL name_has_wildcard = False;
NTSTATUS result;
- TALLOC_CTX *ctx = talloc_tos();
SET_STAT_INVALID(*pst);
*pp_conv_path = NULL;
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 37fcc658db..87cbc9183e 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -415,7 +415,7 @@ static void PackDriverData(struct pack_desc* desc)
SIVAL(drivdata,0,sizeof drivdata); /* cb */
SIVAL(drivdata,4,1000); /* lVersion */
memset(drivdata+8,0,32); /* szDeviceName */
- push_ascii(drivdata+8,"NULL",-1, STR_TERMINATE);
+ push_ascii(drivdata+8,"NULL",32, STR_TERMINATE);
PACKl(desc,"l",drivdata,sizeof drivdata); /* pDriverData */
}
diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index 5cbe8c68ac..1917eb4d10 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -476,7 +476,7 @@ static NTSTATUS dfs_path_lookup(TALLOC_CTX *ctx,
* think this is needed. JRA.
*/
- status = unix_convert(conn, pdp->reqpath, search_flag, &localpath,
+ status = unix_convert(ctx, conn, pdp->reqpath, search_flag, &localpath,
NULL, &sbuf);
if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status,
NT_STATUS_OBJECT_PATH_NOT_FOUND)) {
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 452533629c..14a11c3fe3 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -745,7 +745,7 @@ void reply_ntcreate_and_X(connection_struct *conn,
file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
}
- status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(case_state);
reply_nterror(req, status);
@@ -1479,7 +1479,7 @@ static void call_nt_transact_create(connection_struct *conn,
return;
}
- status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(case_state);
reply_nterror(req, status);
@@ -1817,11 +1817,12 @@ void reply_ntcancel(connection_struct *conn, struct smb_request *req)
Copy a file.
****************************************************************************/
-static NTSTATUS copy_internals(connection_struct *conn,
- struct smb_request *req,
- const char *oldname_in,
- const char *newname_in,
- uint32 attrs)
+static NTSTATUS copy_internals(TALLOC_CTX *ctx,
+ connection_struct *conn,
+ struct smb_request *req,
+ const char *oldname_in,
+ const char *newname_in,
+ uint32 attrs)
{
SMB_STRUCT_STAT sbuf1, sbuf2;
char *oldname = NULL;
@@ -1841,7 +1842,7 @@ static NTSTATUS copy_internals(connection_struct *conn,
return NT_STATUS_MEDIA_WRITE_PROTECTED;
}
- status = unix_convert(conn, oldname_in, False, &oldname,
+ status = unix_convert(ctx, conn, oldname_in, False, &oldname,
&last_component_oldname, &sbuf1);
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -1862,7 +1863,7 @@ static NTSTATUS copy_internals(connection_struct *conn,
return NT_STATUS_NO_SUCH_FILE;
}
- status = unix_convert(conn, newname_in, False, &newname,
+ status = unix_convert(ctx, conn, newname_in, False, &newname,
&last_component_newname, &sbuf2);
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -2058,7 +2059,8 @@ void reply_ntrename(connection_struct *conn, struct smb_request *req)
/* No wildcards. */
status = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
} else {
- status = hardlink_internals(conn,
+ status = hardlink_internals(ctx,
+ conn,
oldname,
newname);
}
@@ -2068,7 +2070,7 @@ void reply_ntrename(connection_struct *conn, struct smb_request *req)
/* No wildcards. */
status = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
} else {
- status = copy_internals(conn, req, oldname,
+ status = copy_internals(ctx, conn, req, oldname,
newname, attrs);
}
break;
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index b94c91fe8e..d6813bef80 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -879,7 +879,7 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req)
DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0)));
- status = unix_convert(conn, name, False, &name, NULL, &sbuf);
+ status = unix_convert(ctx, conn, name, False, &name, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
goto path_err;
}
@@ -986,7 +986,7 @@ void reply_getatr(connection_struct *conn, struct smb_request *req)
size = 0;
mtime = 0;
} else {
- status = unix_convert(conn, fname, False, &fname, NULL,&sbuf);
+ status = unix_convert(ctx, conn, fname, False, &fname, NULL,&sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
END_PROFILE(SMBgetatr);
@@ -1081,7 +1081,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req)
return;
}
- status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
END_PROFILE(SMBsetatr);
@@ -1107,7 +1107,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req)
mode = SVAL(req->inbuf,smb_vwv0);
mtime = srv_make_unix_date3(req->inbuf+smb_vwv1);
-
+
if (mode != FILE_ATTRIBUTE_NORMAL) {
if (VALID_STAT_OF_DIR(sbuf))
mode |= aDIR;
@@ -1279,7 +1279,8 @@ void reply_search(connection_struct *conn, struct smb_request *req)
if (status_len == 0) {
SMB_STRUCT_STAT sbuf;
- nt_status = unix_convert(conn, path, True, &directory, NULL, &sbuf);
+ nt_status = unix_convert(ctx, conn, path, True,
+ &directory, NULL, &sbuf);
if (!NT_STATUS_IS_OK(nt_status)) {
reply_nterror(req, nt_status);
END_PROFILE(SMBsearch);
@@ -1612,13 +1613,13 @@ void reply_open(connection_struct *conn, struct smb_request *req)
return;
}
- status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
END_PROFILE(SMBopen);
return;
}
-
+
status = check_name(conn, fname);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
@@ -1776,7 +1777,7 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req)
return;
}
- status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
END_PROFILE(SMBopenX);
@@ -1996,7 +1997,7 @@ void reply_mknew(connection_struct *conn, struct smb_request *req)
return;
}
- status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
END_PROFILE(SMBcreate);
@@ -2132,7 +2133,7 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req)
return;
}
- status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
END_PROFILE(SMBctemp);
@@ -2389,7 +2390,7 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
SMB_STRUCT_STAT sbuf;
TALLOC_CTX *ctx = talloc_tos();
- status = unix_convert(conn, name_in, has_wild, &name, NULL, &sbuf);
+ status = unix_convert(ctx, conn, name_in, has_wild, &name, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -4777,7 +4778,7 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req)
return;
}
- status = unix_convert(conn, directory, False, &directory, NULL, &sbuf);
+ status = unix_convert(ctx, conn, directory, False, &directory, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
END_PROFILE(SMBmkdir);
@@ -5045,7 +5046,7 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req)
return;
}
- status = unix_convert(conn, directory, False, &directory,
+ status = unix_convert(ctx, conn, directory, False, &directory,
NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
@@ -5530,13 +5531,13 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx,
ZERO_STRUCT(sbuf1);
ZERO_STRUCT(sbuf2);
- status = unix_convert(conn, name_in, src_has_wild, &name,
+ status = unix_convert(ctx, conn, name_in, src_has_wild, &name,
&last_component_src, &sbuf1);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- status = unix_convert(conn, newname_in, dest_has_wild, &newname,
+ status = unix_convert(ctx, conn, newname_in, dest_has_wild, &newname,
&last_component_dest, &sbuf2);
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -6120,14 +6121,16 @@ void reply_copy(connection_struct *conn, struct smb_request *req)
return;
}
- status = unix_convert(conn, name, source_has_wild, &name, NULL, &sbuf1);
+ status = unix_convert(ctx, conn, name, source_has_wild,
+ &name, NULL, &sbuf1);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
END_PROFILE(SMBcopy);
return;
}
- status = unix_convert(conn, newname, dest_has_wild, &newname, NULL, &sbuf2);
+ status = unix_convert(ctx, conn, newname, dest_has_wild,
+ &newname, NULL, &sbuf2);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
END_PROFILE(SMBcopy);
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 63dcb06f5d..7af4bcee60 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -844,7 +844,7 @@ static void call_trans2open(connection_struct *conn,
/* XXXX we need to handle passed times, sattr and flags */
- status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
return;
@@ -1872,7 +1872,7 @@ close_if_end = %d requires_resume_key = %d level = 0x%x, max_data_bytes = %d\n",
return;
}
- ntstatus = unix_convert(conn, directory, True, &directory, NULL, &sbuf);
+ ntstatus = unix_convert(ctx, conn, directory, True, &directory, NULL, &sbuf);
if (!NT_STATUS_IS_OK(ntstatus)) {
reply_nterror(req, ntstatus);
return;
@@ -3664,7 +3664,7 @@ static void call_trans2qfilepathinfo(connection_struct *conn,
return;
}
- status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
return;
@@ -4430,7 +4430,8 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd
code.
****************************************************************************/
-NTSTATUS hardlink_internals(connection_struct *conn,
+NTSTATUS hardlink_internals(TALLOC_CTX *ctx,
+ connection_struct *conn,
const char *oldname_in,
const char *newname_in)
{
@@ -4444,7 +4445,7 @@ NTSTATUS hardlink_internals(connection_struct *conn,
ZERO_STRUCT(sbuf1);
ZERO_STRUCT(sbuf2);
- status = unix_convert(conn, oldname_in, False, &oldname,
+ status = unix_convert(ctx, conn, oldname_in, False, &oldname,
&last_component_oldname, &sbuf1);
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -4460,7 +4461,7 @@ NTSTATUS hardlink_internals(connection_struct *conn,
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
- status = unix_convert(conn, newname_in, False, &newname,
+ status = unix_convert(ctx, conn, newname_in, False, &newname,
&last_component_newname, &sbuf2);
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -4933,7 +4934,7 @@ static NTSTATUS smb_set_file_unix_hlink(connection_struct *conn,
DEBUG(10,("smb_set_file_unix_hlink: SMB_SET_FILE_UNIX_LINK doing hard link %s -> %s\n",
fname, oldname));
- return hardlink_internals(conn, oldname, fname);
+ return hardlink_internals(ctx, conn, oldname, fname);
}
/****************************************************************************
@@ -5021,7 +5022,7 @@ static NTSTATUS smb_file_rename_information(connection_struct *conn,
ZERO_STRUCT(sbuf);
- status = unix_convert(conn, newname, False,
+ status = unix_convert(ctx, conn, newname, False,
&newname,
&newname_last_component,
&sbuf);
@@ -6317,7 +6318,8 @@ static void call_trans2setfilepathinfo(connection_struct *conn,
return;
}
- status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ status = unix_convert(ctx, conn, fname, False,
+ &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
return;
@@ -6665,7 +6667,7 @@ static void call_trans2mkdir(connection_struct *conn, struct smb_request *req,
DEBUG(3,("call_trans2mkdir : name = %s\n", directory));
- status = unix_convert(conn, directory, False, &directory, NULL, &sbuf);
+ status = unix_convert(ctx, conn, directory, False, &directory, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
return;