summaryrefslogtreecommitdiff
path: root/source3/libsmb
diff options
context:
space:
mode:
Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/clirap.c31
-rw-r--r--source3/libsmb/clirap.h4
2 files changed, 28 insertions, 7 deletions
diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c
index 731ddfb8c1..96003c1640 100644
--- a/source3/libsmb/clirap.c
+++ b/source3/libsmb/clirap.c
@@ -1064,23 +1064,44 @@ static bool parse_streams_blob(TALLOC_CTX *mem_ctx, const uint8_t *rdata,
Send a qfileinfo QUERY_FILE_NAME_INFO call.
****************************************************************************/
-NTSTATUS cli_qfilename(struct cli_state *cli, uint16_t fnum, char *name,
- size_t namelen)
+NTSTATUS cli_qfilename(struct cli_state *cli, uint16_t fnum,
+ TALLOC_CTX *mem_ctx, char **_name)
{
+ uint16_t recv_flags2;
uint8_t *rdata;
uint32_t num_rdata;
NTSTATUS status;
+ char *name = NULL;
+ uint32_t namelen;
status = cli_qfileinfo(talloc_tos(), cli, fnum,
SMB_QUERY_FILE_NAME_INFO,
- 4, cli->max_xmit, NULL,
+ 4, cli->max_xmit, &recv_flags2,
&rdata, &num_rdata);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- clistr_pull((const char *)rdata, name, rdata+4, namelen, IVAL(rdata, 0),
- STR_UNICODE);
+ namelen = IVAL(rdata, 0);
+ if (namelen > (num_rdata - 4)) {
+ TALLOC_FREE(rdata);
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
+
+ clistr_pull_talloc(mem_ctx,
+ (const char *)rdata,
+ recv_flags2,
+ &name,
+ rdata + 4,
+ namelen,
+ STR_UNICODE);
+ if (name == NULL) {
+ status = map_nt_error_from_unix(errno);
+ TALLOC_FREE(rdata);
+ return status;
+ }
+
+ *_name = name;
TALLOC_FREE(rdata);
return NT_STATUS_OK;
}
diff --git a/source3/libsmb/clirap.h b/source3/libsmb/clirap.h
index 1716e17eec..de770dba7e 100644
--- a/source3/libsmb/clirap.h
+++ b/source3/libsmb/clirap.h
@@ -94,8 +94,8 @@ NTSTATUS cli_qpathinfo_streams(struct cli_state *cli, const char *fname,
TALLOC_CTX *mem_ctx,
unsigned int *pnum_streams,
struct stream_struct **pstreams);
-NTSTATUS cli_qfilename(struct cli_state *cli, uint16_t fnum, char *name,
- size_t namelen);
+NTSTATUS cli_qfilename(struct cli_state *cli, uint16_t fnum,
+ TALLOC_CTX *mem_ctx, char **name);
NTSTATUS cli_qfileinfo_basic(struct cli_state *cli, uint16_t fnum,
uint16 *mode, SMB_OFF_T *size,
struct timespec *create_time,