summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/libcli/clireadwrite.c1
-rw-r--r--source4/libcli/raw/interfaces.h1
-rw-r--r--source4/libcli/raw/rawreadwrite.c3
-rw-r--r--source4/libcli/smb_composite/loadfile.c1
-rw-r--r--source4/librpc/rpc/dcerpc_smb.c1
-rw-r--r--source4/ntvfs/ntvfs_generic.c1
-rw-r--r--source4/ntvfs/posix/pvfs_read.c2
-rw-r--r--source4/smb_server/smb/reply.c5
-rw-r--r--source4/torture/basic/denytest.c30
-rw-r--r--source4/torture/gentest.c1
-rw-r--r--source4/torture/nbench/nbio.c1
-rw-r--r--source4/torture/raw/read.c2
12 files changed, 40 insertions, 9 deletions
diff --git a/source4/libcli/clireadwrite.c b/source4/libcli/clireadwrite.c
index afffba968a..03d1864a5d 100644
--- a/source4/libcli/clireadwrite.c
+++ b/source4/libcli/clireadwrite.c
@@ -56,6 +56,7 @@ ssize_t smbcli_read(struct smbcli_tree *tree, int fnum, void *_buf, off_t offset
parms.readx.in.mincnt = readsize;
parms.readx.in.maxcnt = readsize;
parms.readx.in.remaining = size - total;
+ parms.readx.in.read_for_execute = False;
parms.readx.out.data = buf + total;
status = smb_raw_read(tree, &parms);
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index e476a00b68..086686b9e9 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -1352,6 +1352,7 @@ union smb_read {
uint16_t mincnt;
uint32_t maxcnt;
uint16_t remaining;
+ BOOL read_for_execute;
} in;
struct {
uint8_t *data;
diff --git a/source4/libcli/raw/rawreadwrite.c b/source4/libcli/raw/rawreadwrite.c
index 00dc71971e..c4e2ab2498 100644
--- a/source4/libcli/raw/rawreadwrite.c
+++ b/source4/libcli/raw/rawreadwrite.c
@@ -84,6 +84,9 @@ struct smbcli_request *smb_raw_read_send(struct smbcli_tree *tree, union smb_rea
if (bigoffset) {
SIVAL(req->out.vwv, VWV(10),parms->readx.in.offset>>32);
}
+ if (parms->readx.in.read_for_execute) {
+ req->flags2 |= FLAGS2_READ_PERMIT_EXECUTE;
+ }
break;
}
diff --git a/source4/libcli/smb_composite/loadfile.c b/source4/libcli/smb_composite/loadfile.c
index 9a593c0726..db074bfd2b 100644
--- a/source4/libcli/smb_composite/loadfile.c
+++ b/source4/libcli/smb_composite/loadfile.c
@@ -106,6 +106,7 @@ static NTSTATUS loadfile_open(struct composite_context *c,
state->io_read->readx.in.mincnt = MIN(32768, io->out.size);
state->io_read->readx.in.maxcnt = state->io_read->readx.in.mincnt;
state->io_read->readx.in.remaining = 0;
+ state->io_read->readx.in.read_for_execute = False;
state->io_read->readx.out.data = io->out.data;
state->req = smb_raw_read_send(tree, state->io_read);
diff --git a/source4/librpc/rpc/dcerpc_smb.c b/source4/librpc/rpc/dcerpc_smb.c
index cf82f1daed..bac91ef134 100644
--- a/source4/librpc/rpc/dcerpc_smb.c
+++ b/source4/librpc/rpc/dcerpc_smb.c
@@ -157,6 +157,7 @@ static NTSTATUS send_read_request_continue(struct dcerpc_connection *c, DATA_BLO
io->readx.in.maxcnt = io->readx.in.mincnt;
io->readx.in.offset = 0;
io->readx.in.remaining = 0;
+ io->readx.in.read_for_execute = False;
io->readx.out.data = state->data.data + state->received;
req = smb_raw_read_send(smb->tree, io);
if (req == NULL) {
diff --git a/source4/ntvfs/ntvfs_generic.c b/source4/ntvfs/ntvfs_generic.c
index e373c7a28e..e4bc963882 100644
--- a/source4/ntvfs/ntvfs_generic.c
+++ b/source4/ntvfs/ntvfs_generic.c
@@ -1158,6 +1158,7 @@ _PUBLIC_ NTSTATUS ntvfs_map_read(struct ntvfs_module_context *ntvfs,
}
rd2->readx.level = RAW_READ_READX;
+ rd2->readx.in.read_for_execute = False;
switch (rd->generic.level) {
case RAW_READ_READX:
diff --git a/source4/ntvfs/posix/pvfs_read.c b/source4/ntvfs/posix/pvfs_read.c
index 15c9111d61..a6b7cf6dd0 100644
--- a/source4/ntvfs/posix/pvfs_read.c
+++ b/source4/ntvfs/posix/pvfs_read.c
@@ -51,7 +51,7 @@ NTSTATUS pvfs_read(struct ntvfs_module_context *ntvfs,
}
mask = SEC_FILE_READ_DATA;
- if (req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) {
+ if (rd->readx.in.read_for_execute) {
mask |= SEC_FILE_EXECUTE;
}
if (!(f->access_mask & mask)) {
diff --git a/source4/smb_server/smb/reply.c b/source4/smb_server/smb/reply.c
index d4c98ab416..8b6dedb81a 100644
--- a/source4/smb_server/smb/reply.c
+++ b/source4/smb_server/smb/reply.c
@@ -900,6 +900,11 @@ void smbsrv_reply_read_and_X(struct smbsrv_request *req)
io->readx.in.maxcnt = SVAL(req->in.vwv, VWV(5));
io->readx.in.mincnt = SVAL(req->in.vwv, VWV(6));
io->readx.in.remaining = SVAL(req->in.vwv, VWV(9));
+ if (req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) {
+ io->readx.in.read_for_execute = True;
+ } else {
+ io->readx.in.read_for_execute = False;
+ }
if (req->smb_conn->negotiate.client_caps & CAP_LARGE_READX) {
uint32_t high_part = IVAL(req->in.vwv, VWV(7));
diff --git a/source4/torture/basic/denytest.c b/source4/torture/basic/denytest.c
index 646714a4e9..5715238fca 100644
--- a/source4/torture/basic/denytest.c
+++ b/source4/torture/basic/denytest.c
@@ -1693,7 +1693,7 @@ static const char *bit_string(TALLOC_CTX *mem_ctx, const struct bit_value *bv, i
determine if two opens conflict
*/
static NTSTATUS predict_share_conflict(uint32_t sa1, uint32_t am1, uint32_t sa2, uint32_t am2,
- uint16_t flags2, enum deny_result *res)
+ BOOL read_for_execute, enum deny_result *res)
{
#define CHECK_MASK(am, sa, right, share) do { \
if (((am) & (right)) && !((sa) & (share))) { \
@@ -1707,8 +1707,7 @@ static NTSTATUS predict_share_conflict(uint32_t sa1, uint32_t am1, uint32_t sa2,
}
if (am2 & SEC_FILE_READ_DATA) {
*res += A_R;
- } else if ((am2 & SEC_FILE_EXECUTE) &&
- (flags2 & FLAGS2_READ_PERMIT_EXECUTE)) {
+ } else if ((am2 & SEC_FILE_EXECUTE) && read_for_execute) {
*res += A_R;
}
@@ -1822,6 +1821,7 @@ static BOOL torture_ntdenytest(struct smbcli_state *cli1, struct smbcli_state *c
int b_am1 = random() & ((1<<nbits2)-1);
int b_sa2 = random() & ((1<<nbits1)-1);
int b_am2 = random() & ((1<<nbits2)-1);
+ BOOL read_for_execute;
progress_bar(i, torture_numops);
@@ -1835,9 +1835,9 @@ static BOOL torture_ntdenytest(struct smbcli_state *cli1, struct smbcli_state *c
status2 = smb_raw_open(cli2->tree, mem_ctx, &io2);
if (random() % 2 == 0) {
- cli2->tree->session->flags2 |= FLAGS2_READ_PERMIT_EXECUTE;
+ read_for_execute = True;
} else {
- cli2->tree->session->flags2 &= ~FLAGS2_READ_PERMIT_EXECUTE;
+ read_for_execute = False;
}
if (!NT_STATUS_IS_OK(status1)) {
@@ -1845,9 +1845,23 @@ static BOOL torture_ntdenytest(struct smbcli_state *cli1, struct smbcli_state *c
} else if (!NT_STATUS_IS_OK(status2)) {
res = A_0;
} else {
+ union smb_read r;
+ NTSTATUS status;
+
+ /* we can't use smbcli_read() as we need to
+ set read_for_execute */
+ r.readx.level = RAW_READ_READX;
+ r.readx.file.fnum = io2.ntcreatex.file.fnum;
+ r.readx.in.offset = 0;
+ r.readx.in.mincnt = sizeof(buf);
+ r.readx.in.maxcnt = sizeof(buf);
+ r.readx.in.remaining = 0;
+ r.readx.in.read_for_execute = read_for_execute;
+ r.readx.out.data = buf;
+
res = A_0;
- if (smbcli_read(cli2->tree,
- io2.ntcreatex.file.fnum, buf, 0, sizeof(buf)) >= 1) {
+ status = smb_raw_read(cli2->tree, &r);
+ if (NT_STATUS_IS_OK(status)) {
res += A_R;
}
if (smbcli_write(cli2->tree,
@@ -1867,7 +1881,7 @@ static BOOL torture_ntdenytest(struct smbcli_state *cli1, struct smbcli_state *c
io1.ntcreatex.in.access_mask,
io2.ntcreatex.in.share_access,
io2.ntcreatex.in.access_mask,
- cli2->tree->session->flags2,
+ read_for_execute,
&res2);
GetTimeOfDay(&tv);
diff --git a/source4/torture/gentest.c b/source4/torture/gentest.c
index 9a268c57b5..79ce27e2df 100644
--- a/source4/torture/gentest.c
+++ b/source4/torture/gentest.c
@@ -1351,6 +1351,7 @@ static BOOL handler_readx(int instance)
parm[0].readx.in.mincnt = gen_io_count();
parm[0].readx.in.maxcnt = gen_io_count();
parm[0].readx.in.remaining = gen_io_count();
+ parm[0].readx.in.read_for_execute = gen_bool();
parm[0].readx.out.data = talloc_size(current_op.mem_ctx,
MAX(parm[0].readx.in.mincnt, parm[0].readx.in.maxcnt));
diff --git a/source4/torture/nbench/nbio.c b/source4/torture/nbench/nbio.c
index c5cebdc8d2..76728eb7b5 100644
--- a/source4/torture/nbench/nbio.c
+++ b/source4/torture/nbench/nbio.c
@@ -437,6 +437,7 @@ void nb_readx(int handle, int offset, int size, int ret_size, NTSTATUS status)
io.readx.in.mincnt = size;
io.readx.in.maxcnt = size;
io.readx.in.remaining = 0;
+ io.readx.in.read_for_execute = False;
io.readx.out.data = buf;
ret = smb_raw_read(c->tree, &io);
diff --git a/source4/torture/raw/read.c b/source4/torture/raw/read.c
index 2e5a06df63..d41f0a025d 100644
--- a/source4/torture/raw/read.c
+++ b/source4/torture/raw/read.c
@@ -382,6 +382,7 @@ static BOOL test_readx(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
io.readx.in.maxcnt = 1;
io.readx.in.offset = 0;
io.readx.in.remaining = 0;
+ io.readx.in.read_for_execute = False;
io.readx.out.data = buf;
status = smb_raw_read(cli->tree, &io);
@@ -411,6 +412,7 @@ static BOOL test_readx(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
io.readx.file.fnum = fnum;
io.readx.in.offset = 0;
io.readx.in.remaining = 0;
+ io.readx.in.read_for_execute = False;
io.readx.in.mincnt = strlen(test_data);
io.readx.in.maxcnt = strlen(test_data);
status = smb_raw_read(cli->tree, &io);