summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/smb.h1
-rw-r--r--source3/smbd/aio.c6
-rw-r--r--source3/smbd/ipc.c12
-rw-r--r--source3/smbd/nttrans.c4
-rw-r--r--source3/smbd/pipes.c21
-rw-r--r--source3/smbd/process.c1
-rw-r--r--source3/smbd/reply.c215
-rw-r--r--source3/smbd/sesssetup.c20
-rw-r--r--source3/smbd/trans2.c10
9 files changed, 144 insertions, 146 deletions
diff --git a/source3/include/smb.h b/source3/include/smb.h
index e2cd0e571c..3de782e8b8 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -631,6 +631,7 @@ struct smb_request {
uint16 vuid;
uint16 tid;
uint8 wct;
+ uint16_t *vwv;
uint16_t buflen;
const uint8_t *buf;
const uint8 *inbuf;
diff --git a/source3/smbd/aio.c b/source3/smbd/aio.c
index c3fd0a2bc0..aca7a192c3 100644
--- a/source3/smbd/aio.c
+++ b/source3/smbd/aio.c
@@ -240,7 +240,7 @@ bool schedule_aio_read_and_X(connection_struct *conn,
/* Only do this on non-chained and non-chaining reads not using the
* write cache. */
- if (chain_size !=0 || (CVAL(req->inbuf,smb_vwv0) != 0xFF)
+ if (chain_size !=0 || (CVAL(req->vwv+0, 0) != 0xFF)
|| (lp_write_cache_size(SNUM(conn)) != 0) ) {
return False;
}
@@ -311,7 +311,7 @@ bool schedule_aio_write_and_X(connection_struct *conn,
struct aio_extra *aio_ex;
SMB_STRUCT_AIOCB *a;
size_t inbufsize, outbufsize;
- bool write_through = BITSETW(req->inbuf+smb_vwv7,0);
+ bool write_through = BITSETW(req->vwv+7,0);
size_t min_aio_write_size = lp_aio_write_size(SNUM(conn));
if (fsp->base_fsp != NULL) {
@@ -332,7 +332,7 @@ bool schedule_aio_write_and_X(connection_struct *conn,
/* Only do this on non-chained and non-chaining reads not using the
* write cache. */
- if (chain_size !=0 || (CVAL(req->inbuf,smb_vwv0) != 0xFF)
+ if (chain_size !=0 || (CVAL(req->vwv+0, 0) != 0xFF)
|| (lp_write_cache_size(SNUM(conn)) != 0) ) {
return False;
}
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 1f6443f1d7..c203445d45 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -540,8 +540,8 @@ void reply_trans(struct smb_request *req)
state->max_param_return = SVAL(req->inbuf, smb_mprcnt);
state->max_data_return = SVAL(req->inbuf, smb_mdrcnt);
state->max_setup_return = CVAL(req->inbuf, smb_msrcnt);
- state->close_on_completion = BITSETW(req->inbuf+smb_vwv5,0);
- state->one_way = BITSETW(req->inbuf+smb_vwv5,1);
+ state->close_on_completion = BITSETW(req->vwv+5, 0);
+ state->one_way = BITSETW(req->vwv+5, 1);
srvstr_pull_req_talloc(state, req, &state->name, req->buf,
STR_TERMINATE);
@@ -710,10 +710,10 @@ void reply_transs(struct smb_request *req)
/* Revise total_params and total_data in case they have changed
* downwards */
- if (SVAL(req->inbuf, smb_vwv0) < state->total_param)
- state->total_param = SVAL(req->inbuf,smb_vwv0);
- if (SVAL(req->inbuf, smb_vwv1) < state->total_data)
- state->total_data = SVAL(req->inbuf,smb_vwv1);
+ if (SVAL(req->vwv+0, 0) < state->total_param)
+ state->total_param = SVAL(req->vwv+0, 0);
+ if (SVAL(req->vwv+1, 0) < state->total_data)
+ state->total_data = SVAL(req->vwv+1, 0);
av_size = smb_len(req->inbuf);
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 000055470e..83b0ff6cd3 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1243,8 +1243,8 @@ void reply_ntrename(struct smb_request *req)
return;
}
- attrs = SVAL(req->inbuf,smb_vwv0);
- rename_type = SVAL(req->inbuf,smb_vwv1);
+ attrs = SVAL(req->vwv+0, 0);
+ rename_type = SVAL(req->vwv+1, 0);
p = (const char *)req->buf + 1;
p += srvstr_get_path_req_wcard(ctx, req, &oldname, p, STR_TERMINATE,
diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c
index 0f4a0d7fec..b52b1b02d0 100644
--- a/source3/smbd/pipes.c
+++ b/source3/smbd/pipes.c
@@ -118,8 +118,8 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req)
void reply_pipe_write(struct smb_request *req)
{
- files_struct *fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
- size_t numtowrite = SVAL(req->inbuf,smb_vwv1);
+ files_struct *fsp = file_fsp(req, SVAL(req->vwv+0, 0));
+ size_t numtowrite = SVAL(req->vwv+1, 0);
ssize_t nwritten;
const uint8_t *data;
@@ -170,13 +170,12 @@ void reply_pipe_write(struct smb_request *req)
void reply_pipe_write_and_X(struct smb_request *req)
{
- files_struct *fsp = file_fsp(req, SVAL(req->inbuf, smb_vwv2));
- size_t numtowrite = SVAL(req->inbuf,smb_vwv10);
+ files_struct *fsp = file_fsp(req, SVAL(req->vwv+2, 0));
+ size_t numtowrite = SVAL(req->vwv+10, 0);
ssize_t nwritten;
- int smb_doff = SVAL(req->inbuf, smb_vwv11);
+ int smb_doff = SVAL(req->vwv+11, 0);
bool pipe_start_message_raw =
- ((SVAL(req->inbuf, smb_vwv7)
- & (PIPE_START_MESSAGE|PIPE_RAW_MODE))
+ ((SVAL(req->vwv+7, 0) & (PIPE_START_MESSAGE|PIPE_RAW_MODE))
== (PIPE_START_MESSAGE|PIPE_RAW_MODE));
uint8_t *data;
@@ -246,9 +245,9 @@ void reply_pipe_write_and_X(struct smb_request *req)
void reply_pipe_read_and_X(struct smb_request *req)
{
- files_struct *fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
- int smb_maxcnt = SVAL(req->inbuf,smb_vwv5);
- int smb_mincnt = SVAL(req->inbuf,smb_vwv6);
+ files_struct *fsp = file_fsp(req, SVAL(req->vwv+0, 0));
+ int smb_maxcnt = SVAL(req->vwv+5, 0);
+ int smb_mincnt = SVAL(req->vwv+6, 0);
ssize_t nread;
uint8_t *data;
bool unused;
@@ -258,7 +257,7 @@ void reply_pipe_read_and_X(struct smb_request *req)
is deliberate, instead we always return the next lump of
data on the pipe */
#if 0
- uint32 smb_offs = IVAL(req->inbuf,smb_vwv3);
+ uint32 smb_offs = IVAL(req->vwv+3, 0);
#endif
if (!fsp_is_np(fsp)) {
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index bd665f3868..e32eea96a6 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -375,6 +375,7 @@ void init_smb_request(struct smb_request *req,
req->vuid = SVAL(inbuf, smb_uid);
req->tid = SVAL(inbuf, smb_tid);
req->wct = CVAL(inbuf, smb_wct);
+ req->vwv = (uint16_t *)(inbuf+smb_vwv);
req->buflen = smb_buflen(inbuf);
req->buf = (const uint8_t *)smb_buf(inbuf);
req->unread_bytes = unread_bytes;
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index c7722804b3..2aa3c1b841 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -568,8 +568,8 @@ void reply_tcon_and_X(struct smb_request *req)
return;
}
- passlen = SVAL(req->inbuf,smb_vwv3);
- tcon_flags = SVAL(req->inbuf,smb_vwv2);
+ passlen = SVAL(req->vwv+3, 0);
+ tcon_flags = SVAL(req->vwv+2, 0);
/* we might have to close an old one */
if ((tcon_flags & 0x1) && conn) {
@@ -764,8 +764,8 @@ void reply_ioctl(struct smb_request *req)
return;
}
- device = SVAL(req->inbuf,smb_vwv1);
- function = SVAL(req->inbuf,smb_vwv2);
+ device = SVAL(req->vwv+1, 0);
+ function = SVAL(req->vwv+2, 0);
ioctl_code = (device << 16) + function;
DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
@@ -792,7 +792,7 @@ void reply_ioctl(struct smb_request *req)
case IOCTL_QUERY_JOB_INFO:
{
files_struct *fsp = file_fsp(
- req, SVAL(req->inbuf, smb_vwv0));
+ req, SVAL(req->vwv+0, 0));
if (!fsp) {
reply_doserror(req, ERRDOS, ERRbadfid);
END_PROFILE(SMBioctl);
@@ -871,7 +871,7 @@ void reply_checkpath(struct smb_request *req)
goto path_err;
}
- DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0)));
+ DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
status = unix_convert(ctx, conn, name, False, &name, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
@@ -1102,8 +1102,8 @@ void reply_setatr(struct smb_request *req)
return;
}
- mode = SVAL(req->inbuf,smb_vwv0);
- mtime = srv_make_unix_date3(req->inbuf+smb_vwv1);
+ mode = SVAL(req->vwv+0, 0);
+ mtime = srv_make_unix_date3(req->vwv+1);
ts[1] = convert_time_t_to_timespec(mtime);
status = smb_set_file_time(conn, NULL, fname,
@@ -1238,8 +1238,8 @@ void reply_search(struct smb_request *req)
}
reply_outbuf(req, 1, 3);
- maxentries = SVAL(req->inbuf,smb_vwv0);
- dirtype = SVAL(req->inbuf,smb_vwv1);
+ maxentries = SVAL(req->vwv+0, 0);
+ dirtype = SVAL(req->vwv+1, 0);
p = (const char *)req->buf + 1;
p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
&nt_status, &mask_contains_wcard);
@@ -1577,8 +1577,8 @@ void reply_open(struct smb_request *req)
}
oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
- deny_mode = SVAL(req->inbuf,smb_vwv0);
- dos_attr = SVAL(req->inbuf,smb_vwv1);
+ deny_mode = SVAL(req->vwv+0, 0);
+ dos_attr = SVAL(req->vwv+1, 0);
srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
STR_TERMINATE, &status);
@@ -1677,8 +1677,8 @@ void reply_open_and_X(struct smb_request *req)
int core_oplock_request;
int oplock_request;
#if 0
- int smb_sattr = SVAL(req->inbuf,smb_vwv4);
- uint32 smb_time = make_unix_date3(req->inbuf+smb_vwv6);
+ int smb_sattr = SVAL(req->vwv+4, 0);
+ uint32 smb_time = make_unix_date3(req->vwv+6);
#endif
int smb_ofun;
uint32 fattr=0;
@@ -1703,14 +1703,14 @@ void reply_open_and_X(struct smb_request *req)
return;
}
- open_flags = SVAL(req->inbuf,smb_vwv2);
- deny_mode = SVAL(req->inbuf,smb_vwv3);
- smb_attr = SVAL(req->inbuf,smb_vwv5);
+ open_flags = SVAL(req->vwv+2, 0);
+ deny_mode = SVAL(req->vwv+3, 0);
+ smb_attr = SVAL(req->vwv+5, 0);
ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
oplock_request = ex_oplock_request | core_oplock_request;
- smb_ofun = SVAL(req->inbuf,smb_vwv8);
- allocation_size = (uint64_t)IVAL(req->inbuf,smb_vwv9);
+ smb_ofun = SVAL(req->vwv+8, 0);
+ allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
/* If it's an IPC, pass off the pipe handler. */
if (IS_IPC(conn)) {
@@ -1912,12 +1912,11 @@ void reply_mknew(struct smb_request *req)
return;
}
- fattr = SVAL(req->inbuf,smb_vwv0);
+ fattr = SVAL(req->vwv+0, 0);
oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
com = SVAL(req->inbuf,smb_com);
- ts[1] =convert_time_t_to_timespec(
- srv_make_unix_date3(req->inbuf + smb_vwv1));
+ ts[1] = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
/* mtime. */
srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
@@ -2022,7 +2021,7 @@ void reply_ctemp(struct smb_request *req)
return;
}
- fattr = SVAL(req->inbuf,smb_vwv0);
+ fattr = SVAL(req->vwv+0, 0);
oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
@@ -2493,7 +2492,7 @@ void reply_unlink(struct smb_request *req)
return;
}
- dirtype = SVAL(req->inbuf,smb_vwv0);
+ dirtype = SVAL(req->vwv+0, 0);
srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
STR_TERMINATE, &status,
@@ -2748,7 +2747,7 @@ void reply_readbraw(struct smb_request *req)
* return a zero length response here.
*/
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
/*
* We have to do a check_fsp by hand here, as
@@ -2764,7 +2763,7 @@ void reply_readbraw(struct smb_request *req)
*/
DEBUG(3,("reply_readbraw: fnum %d not valid "
"- cache prime?\n",
- (int)SVAL(req->inbuf,smb_vwv0)));
+ (int)SVAL(req->vwv+0, 0)));
reply_readbraw_error();
END_PROFILE(SMBreadbraw);
return;
@@ -2775,7 +2774,7 @@ void reply_readbraw(struct smb_request *req)
((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
(fsp->access_mask & FILE_EXECUTE)))) {
DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
- (int)SVAL(req->inbuf,smb_vwv0)));
+ (int)SVAL(req->vwv+0, 0)));
reply_readbraw_error();
END_PROFILE(SMBreadbraw);
return;
@@ -2783,14 +2782,14 @@ void reply_readbraw(struct smb_request *req)
flush_write_cache(fsp, READRAW_FLUSH);
- startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv1);
+ startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
if(req->wct == 10) {
/*
* This is a large offset (64 bit) read.
*/
#ifdef LARGE_SMB_OFF_T
- startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv8)) << 32);
+ startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
#else /* !LARGE_SMB_OFF_T */
@@ -2798,11 +2797,11 @@ void reply_readbraw(struct smb_request *req)
* Ensure we haven't been sent a >32 bit offset.
*/
- if(IVAL(req->inbuf,smb_vwv8) != 0) {
+ if(IVAL(req->vwv+8, 0) != 0) {
DEBUG(0,("reply_readbraw: large offset "
"(%x << 32) used and we don't support "
"64 bit offsets.\n",
- (unsigned int)IVAL(req->inbuf,smb_vwv8) ));
+ (unsigned int)IVAL(req->vwv+8, 0) ));
reply_readbraw_error();
END_PROFILE(SMBreadbraw);
return;
@@ -2820,8 +2819,8 @@ void reply_readbraw(struct smb_request *req)
}
}
- maxcount = (SVAL(req->inbuf,smb_vwv3) & 0xFFFF);
- mincount = (SVAL(req->inbuf,smb_vwv4) & 0xFFFF);
+ maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
+ mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
/* ensure we don't overrun the packet size */
maxcount = MIN(65535,maxcount);
@@ -2890,7 +2889,7 @@ void reply_lockread(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
END_PROFILE(SMBlockread);
@@ -2905,8 +2904,8 @@ void reply_lockread(struct smb_request *req)
release_level_2_oplocks_on_change(fsp);
- numtoread = SVAL(req->inbuf,smb_vwv1);
- startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
+ numtoread = SVAL(req->vwv+1, 0);
+ startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
@@ -2998,7 +2997,7 @@ void reply_read(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
END_PROFILE(SMBread);
@@ -3011,8 +3010,8 @@ void reply_read(struct smb_request *req)
return;
}
- numtoread = SVAL(req->inbuf,smb_vwv1);
- startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
+ numtoread = SVAL(req->vwv+1, 0);
+ startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
@@ -3118,7 +3117,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req,
* on a train in Germany :-). JRA.
*/
- if ((chain_size == 0) && (CVAL(req->inbuf,smb_vwv0) == 0xFF) &&
+ if ((chain_size == 0) && (CVAL(req->vwv+0, 0) == 0xFF) &&
!is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
uint8 headerbuf[smb_size + 12 * 2];
@@ -3232,7 +3231,7 @@ void reply_read_and_X(struct smb_request *req)
size_t smb_maxcnt;
bool big_readX = False;
#if 0
- size_t smb_mincnt = SVAL(req->inbuf,smb_vwv6);
+ size_t smb_mincnt = SVAL(req->vwv+6, 0);
#endif
START_PROFILE(SMBreadX);
@@ -3242,9 +3241,9 @@ void reply_read_and_X(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv2));
- startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
- smb_maxcnt = SVAL(req->inbuf,smb_vwv5);
+ fsp = file_fsp(req, SVAL(req->vwv+2, 0));
+ startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
+ smb_maxcnt = SVAL(req->vwv+5, 0);
/* If it's an IPC, pass off the pipe handler. */
if (IS_IPC(conn)) {
@@ -3265,11 +3264,11 @@ void reply_read_and_X(struct smb_request *req)
}
if (global_client_caps & CAP_LARGE_READX) {
- size_t upper_size = SVAL(req->inbuf,smb_vwv7);
+ size_t upper_size = SVAL(req->vwv+7, 0);
smb_maxcnt |= (upper_size<<16);
if (upper_size > 1) {
/* Can't do this on a chained packet. */
- if ((CVAL(req->inbuf,smb_vwv0) != 0xFF)) {
+ if ((CVAL(req->vwv+0, 0) != 0xFF)) {
reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
END_PROFILE(SMBreadX);
return;
@@ -3296,7 +3295,7 @@ void reply_read_and_X(struct smb_request *req)
/*
* This is a large offset (64 bit) read.
*/
- startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv10)) << 32);
+ startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
#else /* !LARGE_SMB_OFF_T */
@@ -3304,10 +3303,10 @@ void reply_read_and_X(struct smb_request *req)
* Ensure we haven't been sent a >32 bit offset.
*/
- if(IVAL(req->inbuf,smb_vwv10) != 0) {
+ if(IVAL(req->vwv+10, 0) != 0) {
DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
"used and we don't support 64 bit offsets.\n",
- (unsigned int)IVAL(req->inbuf,smb_vwv10) ));
+ (unsigned int)IVAL(req->vwv+10, 0) ));
END_PROFILE(SMBreadX);
reply_doserror(req, ERRDOS, ERRbadaccess);
return;
@@ -3390,7 +3389,7 @@ void reply_writebraw(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
error_to_writebrawerr(req);
END_PROFILE(SMBwritebraw);
@@ -3404,9 +3403,9 @@ void reply_writebraw(struct smb_request *req)
return;
}
- tcount = IVAL(req->inbuf,smb_vwv1);
- startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
- write_through = BITSETW(req->inbuf+smb_vwv7,0);
+ tcount = IVAL(req->vwv+1, 0);
+ startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
+ write_through = BITSETW(req->vwv+7,0);
/* We have to deal with slightly different formats depending
on whether we are using the core+ or lanman1.0 protocol */
@@ -3415,8 +3414,8 @@ void reply_writebraw(struct smb_request *req)
numtowrite = SVAL(smb_buf(req->inbuf),-2);
data = smb_buf(req->inbuf);
} else {
- numtowrite = SVAL(req->inbuf,smb_vwv10);
- data = smb_base(req->inbuf) + SVAL(req->inbuf, smb_vwv11);
+ numtowrite = SVAL(req->vwv+10, 0);
+ data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
}
/* Ensure we don't write bytes past the end of this packet. */
@@ -3595,7 +3594,7 @@ void reply_writeunlock(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
END_PROFILE(SMBwriteunlock);
@@ -3608,8 +3607,8 @@ void reply_writeunlock(struct smb_request *req)
return;
}
- numtowrite = SVAL(req->inbuf,smb_vwv1);
- startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
+ numtowrite = SVAL(req->vwv+1, 0);
+ startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
data = (const char *)req->buf + 3;
if (numtowrite
@@ -3702,7 +3701,7 @@ void reply_write(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
END_PROFILE(SMBwrite);
@@ -3715,8 +3714,8 @@ void reply_write(struct smb_request *req)
return;
}
- numtowrite = SVAL(req->inbuf,smb_vwv1);
- startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
+ numtowrite = SVAL(req->vwv+1, 0);
+ startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
data = (const char *)req->buf + 3;
if (is_locked(fsp, (uint32)req->smbpid, (uint64_t)numtowrite,
@@ -3889,14 +3888,14 @@ void reply_write_and_X(struct smb_request *req)
return;
}
- numtowrite = SVAL(req->inbuf,smb_vwv10);
- smb_doff = SVAL(req->inbuf,smb_vwv11);
+ numtowrite = SVAL(req->vwv+10, 0);
+ smb_doff = SVAL(req->vwv+11, 0);
smblen = smb_len(req->inbuf);
if (req->unread_bytes > 0xFFFF ||
(smblen > smb_doff &&
smblen - smb_doff > 0xFFFF)) {
- numtowrite |= (((size_t)SVAL(req->inbuf,smb_vwv9))<<16);
+ numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
}
if (req->unread_bytes) {
@@ -3932,9 +3931,9 @@ void reply_write_and_X(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv2));
- startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
- write_through = BITSETW(req->inbuf+smb_vwv7,0);
+ fsp = file_fsp(req, SVAL(req->vwv+2, 0));
+ startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
+ write_through = BITSETW(req->vwv+7,0);
if (!check_fsp(conn, req, fsp)) {
END_PROFILE(SMBwriteX);
@@ -3954,7 +3953,7 @@ void reply_write_and_X(struct smb_request *req)
/*
* This is a large offset (64 bit) write.
*/
- startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv12)) << 32);
+ startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
#else /* !LARGE_SMB_OFF_T */
@@ -3962,10 +3961,10 @@ void reply_write_and_X(struct smb_request *req)
* Ensure we haven't been sent a >32 bit offset.
*/
- if(IVAL(req->inbuf,smb_vwv12) != 0) {
+ if(IVAL(req->vwv+12, 0) != 0) {
DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
"used and we don't support 64 bit offsets.\n",
- (unsigned int)IVAL(req->inbuf,smb_vwv12) ));
+ (unsigned int)IVAL(req->vwv+12, 0) ));
reply_doserror(req, ERRDOS, ERRbadaccess);
END_PROFILE(SMBwriteX);
return;
@@ -4053,7 +4052,7 @@ void reply_lseek(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
return;
@@ -4061,9 +4060,9 @@ void reply_lseek(struct smb_request *req)
flush_write_cache(fsp, SEEK_FLUSH);
- mode = SVAL(req->inbuf,smb_vwv1) & 3;
+ mode = SVAL(req->vwv+1, 0) & 3;
/* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
- startpos = (SMB_OFF_T)IVALS(req->inbuf,smb_vwv2);
+ startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
switch (mode) {
case 0:
@@ -4138,7 +4137,7 @@ void reply_flush(struct smb_request *req)
return;
}
- fnum = SVAL(req->inbuf,smb_vwv0);
+ fnum = SVAL(req->vwv+0, 0);
fsp = file_fsp(req, fnum);
if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
@@ -4201,7 +4200,7 @@ void reply_close(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
/*
* We can only use check_fsp if we know it's not a directory.
@@ -4233,7 +4232,7 @@ void reply_close(struct smb_request *req)
* Take care of any time sent in the close.
*/
- t = srv_make_unix_date3(req->inbuf+smb_vwv1);
+ t = srv_make_unix_date3(req->vwv+1);
set_close_write_time(fsp, convert_time_t_to_timespec(t));
/*
@@ -4279,7 +4278,7 @@ void reply_writeclose(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
END_PROFILE(SMBwriteclose);
@@ -4291,10 +4290,9 @@ void reply_writeclose(struct smb_request *req)
return;
}
- numtowrite = SVAL(req->inbuf,smb_vwv1);
- startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
- mtime = convert_time_t_to_timespec(srv_make_unix_date3(
- req->inbuf+smb_vwv4));
+ numtowrite = SVAL(req->vwv+1, 0);
+ startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
+ mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
data = (const char *)req->buf + 1;
if (numtowrite
@@ -4366,7 +4364,7 @@ void reply_lock(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
END_PROFILE(SMBlock);
@@ -4375,8 +4373,8 @@ void reply_lock(struct smb_request *req)
release_level_2_oplocks_on_change(fsp);
- count = (uint64_t)IVAL(req->inbuf,smb_vwv1);
- offset = (uint64_t)IVAL(req->inbuf,smb_vwv3);
+ count = (uint64_t)IVAL(req->vwv+1, 0);
+ offset = (uint64_t)IVAL(req->vwv+3, 0);
DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
@@ -4425,15 +4423,15 @@ void reply_unlock(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
END_PROFILE(SMBunlock);
return;
}
- count = (uint64_t)IVAL(req->inbuf,smb_vwv1);
- offset = (uint64_t)IVAL(req->inbuf,smb_vwv3);
+ count = (uint64_t)IVAL(req->vwv+1, 0);
+ offset = (uint64_t)IVAL(req->vwv+3, 0);
status = do_unlock(smbd_messaging_context(),
fsp,
@@ -4506,7 +4504,7 @@ void reply_echo(struct smb_request *req)
return;
}
- smb_reverb = SVAL(req->inbuf,smb_vwv0);
+ smb_reverb = SVAL(req->vwv+0, 0);
reply_outbuf(req, 1, req->buflen);
@@ -4599,7 +4597,7 @@ void reply_printclose(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
END_PROFILE(SMBsplclose);
@@ -4647,8 +4645,8 @@ void reply_printqueue(struct smb_request *req)
return;
}
- max_count = SVAL(req->inbuf,smb_vwv0);
- start_index = SVAL(req->inbuf,smb_vwv1);
+ max_count = SVAL(req->vwv+0, 0);
+ start_index = SVAL(req->vwv+1, 0);
/* we used to allow the client to get the cnum wrong, but that
is really quite gross and only worked when there was only
@@ -4741,7 +4739,7 @@ void reply_printwrite(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if (!check_fsp(conn, req, fsp)) {
END_PROFILE(SMBsplwr);
@@ -5862,7 +5860,7 @@ void reply_mv(struct smb_request *req)
return;
}
- attrs = SVAL(req->inbuf,smb_vwv0);
+ attrs = SVAL(req->vwv+0, 0);
p = (const char *)req->buf + 1;
p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
@@ -6102,9 +6100,9 @@ void reply_copy(struct smb_request *req)
return;
}
- tid2 = SVAL(req->inbuf,smb_vwv0);
- ofun = SVAL(req->inbuf,smb_vwv1);
- flags = SVAL(req->inbuf,smb_vwv2);
+ tid2 = SVAL(req->vwv+0, 0);
+ ofun = SVAL(req->vwv+1, 0);
+ flags = SVAL(req->vwv+2, 0);
p = (const char *)req->buf;
p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
@@ -6561,12 +6559,12 @@ void reply_lockingX(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv2));
- locktype = CVAL(req->inbuf,smb_vwv3);
- oplocklevel = CVAL(req->inbuf,smb_vwv3+1);
- num_ulocks = SVAL(req->inbuf,smb_vwv6);
- num_locks = SVAL(req->inbuf,smb_vwv7);
- lock_timeout = IVAL(req->inbuf,smb_vwv4);
+ fsp = file_fsp(req, SVAL(req->vwv+2, 0));
+ locktype = CVAL(req->vwv+3, 0);
+ oplocklevel = CVAL(req->vwv+3, 1);
+ num_ulocks = SVAL(req->vwv+6, 0);
+ num_locks = SVAL(req->vwv+7, 0);
+ lock_timeout = IVAL(req->vwv+4, 0);
large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
if (!check_fsp(conn, req, fsp)) {
@@ -6648,11 +6646,10 @@ void reply_lockingX(struct smb_request *req)
if (num_locks == 0 && num_ulocks == 0) {
/* Sanity check - ensure a pure oplock break is not a
chained request. */
- if(CVAL(req->inbuf,smb_vwv0) != 0xff)
+ if(CVAL(req->vwv+0, 0) != 0xff)
DEBUG(0,("reply_lockingX: Error : pure oplock "
"break is a chained %d request !\n",
- (unsigned int)CVAL(req->inbuf,
- smb_vwv0) ));
+ (unsigned int)CVAL(req->vwv+0, 0)));
END_PROFILE(SMBlockingX);
return;
}
@@ -6937,7 +6934,7 @@ void reply_setattrE(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if(!fsp || (fsp->conn != conn)) {
reply_doserror(req, ERRDOS, ERRbadfid);
@@ -6952,9 +6949,9 @@ void reply_setattrE(struct smb_request *req)
*/
ts[0] = convert_time_t_to_timespec(
- srv_make_unix_date2(req->inbuf+smb_vwv3)); /* atime. */
+ srv_make_unix_date2(req->vwv+3)); /* atime. */
ts[1] = convert_time_t_to_timespec(
- srv_make_unix_date2(req->inbuf+smb_vwv5)); /* mtime. */
+ srv_make_unix_date2(req->vwv+5)); /* mtime. */
reply_outbuf(req, 0, 0);
@@ -7048,7 +7045,7 @@ void reply_getattrE(struct smb_request *req)
return;
}
- fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv0));
+ fsp = file_fsp(req, SVAL(req->vwv+0, 0));
if(!fsp || (fsp->conn != conn)) {
reply_doserror(req, ERRDOS, ERRbadfid);
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 798c84ad6b..fde6cdc160 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -1169,7 +1169,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
const char *native_lanman;
const char *primary_domain;
const char *p2;
- uint16 data_blob_len = SVAL(req->inbuf, smb_vwv7);
+ uint16 data_blob_len = SVAL(req->vwv+7, 0);
enum remote_arch_types ra_type = get_remote_arch();
int vuid = SVAL(req->inbuf,smb_uid);
user_struct *vuser = NULL;
@@ -1179,7 +1179,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
DEBUG(3,("Doing spnego session setup\n"));
if (global_client_caps == 0) {
- global_client_caps = IVAL(req->inbuf,smb_vwv10);
+ global_client_caps = IVAL(req->vwv+10, 0);
if (!(global_client_caps & CAP_STATUS32)) {
remove_from_common_flags2(FLAGS2_32_BIT_ERROR_CODES);
@@ -1438,7 +1438,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
return;
}
- if (SVAL(req->inbuf,smb_vwv4) == 0) {
+ if (SVAL(req->vwv+4, 0) == 0) {
setup_new_vc_session();
}
@@ -1447,10 +1447,10 @@ void reply_sesssetup_and_X(struct smb_request *req)
return;
}
- smb_bufsize = SVAL(req->inbuf,smb_vwv2);
+ smb_bufsize = SVAL(req->vwv+2, 0);
if (Protocol < PROTOCOL_NT1) {
- uint16 passlen1 = SVAL(req->inbuf,smb_vwv7);
+ uint16 passlen1 = SVAL(req->vwv+7, 0);
/* Never do NT status codes with protocols before NT1 as we
* don't get client caps. */
@@ -1478,8 +1478,8 @@ void reply_sesssetup_and_X(struct smb_request *req)
domain = "";
} else {
- uint16 passlen1 = SVAL(req->inbuf,smb_vwv7);
- uint16 passlen2 = SVAL(req->inbuf,smb_vwv8);
+ uint16 passlen1 = SVAL(req->vwv+7, 0);
+ uint16 passlen2 = SVAL(req->vwv+8, 0);
enum remote_arch_types ra_type = get_remote_arch();
const uint8_t *p = req->buf;
const uint8_t *save_p = req->buf;
@@ -1487,7 +1487,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
if(global_client_caps == 0) {
- global_client_caps = IVAL(req->inbuf,smb_vwv11);
+ global_client_caps = IVAL(req->vwv+11, 0);
if (!(global_client_caps & CAP_STATUS32)) {
remove_from_common_flags2(
@@ -1613,7 +1613,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
* Windows 9x does not include a string here at all so we have
* to check if we have any extra bytes left */
- byte_count = SVAL(req->inbuf, smb_vwv13);
+ byte_count = SVAL(req->vwv+13, 0);
if ( PTR_DIFF(p, save_p) < byte_count) {
p += srvstr_pull_req_talloc(talloc_tos(), req, &tmp, p,
STR_TERMINATE);
@@ -1635,7 +1635,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
}
- if (SVAL(req->inbuf,smb_vwv4) == 0) {
+ if (SVAL(req->vwv+4, 0) == 0) {
setup_new_vc_session();
}
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index a450a56e72..f9376fc292 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -7254,7 +7254,7 @@ static void call_trans2ioctl(connection_struct *conn,
unsigned int max_data_bytes)
{
char *pdata = *ppdata;
- files_struct *fsp = file_fsp(req, SVAL(req->inbuf,smb_vwv15));
+ files_struct *fsp = file_fsp(req, SVAL(req->vwv+15, 0));
/* check for an invalid fid before proceeding */
@@ -7307,7 +7307,7 @@ void reply_findclose(struct smb_request *req)
return;
}
- dptr_num = SVALS(req->inbuf,smb_vwv0);
+ dptr_num = SVALS(req->vwv+0, 0);
DEBUG(3,("reply_findclose, dptr_num = %d\n", dptr_num));
@@ -7337,7 +7337,7 @@ void reply_findnclose(struct smb_request *req)
return;
}
- dptr_num = SVAL(req->inbuf,smb_vwv0);
+ dptr_num = SVAL(req->vwv+0, 0);
DEBUG(3,("reply_findnclose, dptr_num = %d\n", dptr_num));
@@ -7593,8 +7593,8 @@ void reply_trans2(struct smb_request *req)
state->max_param_return = SVAL(req->inbuf, smb_mprcnt);
state->max_data_return = SVAL(req->inbuf, smb_mdrcnt);
state->max_setup_return = SVAL(req->inbuf, smb_msrcnt);
- state->close_on_completion = BITSETW(req->inbuf+smb_vwv5,0);
- state->one_way = BITSETW(req->inbuf+smb_vwv5,1);
+ state->close_on_completion = BITSETW(req->vwv+5, 0);
+ state->one_way = BITSETW(req->vwv+5, 1);
state->call = tran_call;