summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/smbd/process.c2
-rw-r--r--source3/smbd/reply.c85
2 files changed, 53 insertions, 34 deletions
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 883c39c532..1241741449 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -704,7 +704,7 @@ static const struct smb_message_struct {
/* 0x0b */ { "SMBwrite",reply_write,NULL,AS_USER | CAN_IPC },
/* 0x0c */ { "SMBlock",reply_lock,NULL,AS_USER},
/* 0x0d */ { "SMBunlock",reply_unlock,NULL,AS_USER},
-/* 0x0e */ { "SMBctemp",reply_ctemp,NULL,AS_USER },
+/* 0x0e */ { "SMBctemp",NULL,reply_ctemp,AS_USER },
/* 0x0f */ { "SMBmknew",NULL,reply_mknew,AS_USER},
/* 0x10 */ { "SMBcheckpath",NULL,reply_checkpath,AS_USER},
/* 0x11 */ { "SMBexit",NULL,reply_exit,DO_CHDIR},
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 864125fd04..87e3e29a4a 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -1924,29 +1924,35 @@ void reply_mknew(connection_struct *conn, struct smb_request *req)
Reply to a create temporary file.
****************************************************************************/
-int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
+void reply_ctemp(connection_struct *conn, struct smb_request *req)
{
pstring fname;
- int outsize = 0;
- uint32 fattr = SVAL(inbuf,smb_vwv0);
+ uint32 fattr;
files_struct *fsp;
- int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
+ int oplock_request;
int tmpfd;
SMB_STRUCT_STAT sbuf;
- char *p, *s;
+ char *s;
NTSTATUS status;
- unsigned int namelen;
- struct smb_request req;
START_PROFILE(SMBctemp);
- init_smb_request(&req, (uint8 *)inbuf);
+ if (req->wct < 3) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ END_PROFILE(SMBctemp);
+ return;
+ }
- srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1,
- sizeof(fname), 0, STR_TERMINATE, &status);
+ fattr = SVAL(req->inbuf,smb_vwv0);
+ oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
+
+ srvstr_get_path((char *)req->inbuf, req->flags2, fname,
+ smb_buf(req->inbuf)+1, sizeof(fname), 0, STR_TERMINATE,
+ &status);
if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
END_PROFILE(SMBctemp);
- return ERROR_NT(status);
+ return;
}
if (*fname) {
pstrcat(fname,"/TMXXXXXX");
@@ -1954,37 +1960,45 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
pstrcat(fname,"TMXXXXXX");
}
- status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
+ status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
+ fname);
if (!NT_STATUS_IS_OK(status)) {
- END_PROFILE(SMBctemp);
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
- return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
+ reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
+ ERRSRV, ERRbadpath);
+ END_PROFILE(SMBctemp);
+ return;
}
- return ERROR_NT(status);
+ reply_nterror(req, status);
+ END_PROFILE(SMBctemp);
+ return;
}
status = unix_convert(conn, fname, False, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
END_PROFILE(SMBctemp);
- return ERROR_NT(status);
+ return;
}
status = check_name(conn, fname);
if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
END_PROFILE(SMBctemp);
- return ERROR_NT(status);
+ return;
}
tmpfd = smb_mkstemp(fname);
if (tmpfd == -1) {
+ reply_unixerror(req, ERRDOS, ERRnoaccess);
END_PROFILE(SMBctemp);
- return(UNIXERROR(ERRDOS,ERRnoaccess));
+ return;
}
SMB_VFS_STAT(conn,fname,&sbuf);
/* We should fail if file does not exist. */
- status = open_file_ntcreate(conn, &req, fname, &sbuf,
+ status = open_file_ntcreate(conn, req, fname, &sbuf,
FILE_GENERIC_READ | FILE_GENERIC_WRITE,
FILE_SHARE_READ|FILE_SHARE_WRITE,
FILE_OPEN,
@@ -1997,16 +2011,18 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
close(tmpfd);
if (!NT_STATUS_IS_OK(status)) {
- END_PROFILE(SMBctemp);
- if (open_was_deferred(SVAL(inbuf,smb_mid))) {
+ if (open_was_deferred(req->mid)) {
/* We have re-scheduled this call. */
- return -1;
+ END_PROFILE(SMBctemp);
+ return;
}
- return ERROR_NT(status);
+ reply_nterror(req, status);
+ END_PROFILE(SMBctemp);
+ return;
}
- outsize = set_message(inbuf,outbuf,1,0,True);
- SSVAL(outbuf,smb_vwv0,fsp->fnum);
+ reply_outbuf(req, 1, 0);
+ SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
/* the returned filename is relative to the directory */
s = strrchr_m(fname, '/');
@@ -2016,23 +2032,26 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
s++;
}
- p = smb_buf(outbuf);
#if 0
/* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
thing in the byte section. JRA */
SSVALS(p, 0, -1); /* what is this? not in spec */
#endif
- namelen = srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p, s, -1,
- STR_ASCII|STR_TERMINATE);
- p += namelen;
- outsize = set_message_end(inbuf,outbuf, p);
+ if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
+ == -1) {
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ END_PROFILE(SMBctemp);
+ return;
+ }
if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
- SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
+ SCVAL(req->outbuf, smb_flg,
+ CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
}
if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
- SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
+ SCVAL(req->outbuf, smb_flg,
+ CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
}
DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
@@ -2040,7 +2059,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
(unsigned int)sbuf.st_mode ) );
END_PROFILE(SMBctemp);
- return(outsize);
+ return;
}
/*******************************************************************