diff options
Diffstat (limited to 'source3/libsmb')
-rw-r--r-- | source3/libsmb/clirap.c | 31 | ||||
-rw-r--r-- | source3/libsmb/clirap.h | 4 |
2 files changed, 28 insertions, 7 deletions
diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c index 731ddfb8c1..96003c1640 100644 --- a/source3/libsmb/clirap.c +++ b/source3/libsmb/clirap.c @@ -1064,23 +1064,44 @@ static bool parse_streams_blob(TALLOC_CTX *mem_ctx, const uint8_t *rdata, Send a qfileinfo QUERY_FILE_NAME_INFO call. ****************************************************************************/ -NTSTATUS cli_qfilename(struct cli_state *cli, uint16_t fnum, char *name, - size_t namelen) +NTSTATUS cli_qfilename(struct cli_state *cli, uint16_t fnum, + TALLOC_CTX *mem_ctx, char **_name) { + uint16_t recv_flags2; uint8_t *rdata; uint32_t num_rdata; NTSTATUS status; + char *name = NULL; + uint32_t namelen; status = cli_qfileinfo(talloc_tos(), cli, fnum, SMB_QUERY_FILE_NAME_INFO, - 4, cli->max_xmit, NULL, + 4, cli->max_xmit, &recv_flags2, &rdata, &num_rdata); if (!NT_STATUS_IS_OK(status)) { return status; } - clistr_pull((const char *)rdata, name, rdata+4, namelen, IVAL(rdata, 0), - STR_UNICODE); + namelen = IVAL(rdata, 0); + if (namelen > (num_rdata - 4)) { + TALLOC_FREE(rdata); + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + + clistr_pull_talloc(mem_ctx, + (const char *)rdata, + recv_flags2, + &name, + rdata + 4, + namelen, + STR_UNICODE); + if (name == NULL) { + status = map_nt_error_from_unix(errno); + TALLOC_FREE(rdata); + return status; + } + + *_name = name; TALLOC_FREE(rdata); return NT_STATUS_OK; } diff --git a/source3/libsmb/clirap.h b/source3/libsmb/clirap.h index 1716e17eec..de770dba7e 100644 --- a/source3/libsmb/clirap.h +++ b/source3/libsmb/clirap.h @@ -94,8 +94,8 @@ NTSTATUS cli_qpathinfo_streams(struct cli_state *cli, const char *fname, TALLOC_CTX *mem_ctx, unsigned int *pnum_streams, struct stream_struct **pstreams); -NTSTATUS cli_qfilename(struct cli_state *cli, uint16_t fnum, char *name, - size_t namelen); +NTSTATUS cli_qfilename(struct cli_state *cli, uint16_t fnum, + TALLOC_CTX *mem_ctx, char **name); NTSTATUS cli_qfileinfo_basic(struct cli_state *cli, uint16_t fnum, uint16 *mode, SMB_OFF_T *size, struct timespec *create_time, |