Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/aio.c2
-rw-r--r--source3/smbd/blocking.c6
-rw-r--r--source3/smbd/error.c12
-rw-r--r--source3/smbd/ipc.c179
-rw-r--r--source3/smbd/lanman.c24
-rw-r--r--source3/smbd/message.c8
-rw-r--r--source3/smbd/negprot.c14
-rw-r--r--source3/smbd/notify.c5
-rw-r--r--source3/smbd/nttrans.c56
-rw-r--r--source3/smbd/oplock.c2
-rw-r--r--source3/smbd/pipes.c12
-rw-r--r--source3/smbd/process.c6
-rw-r--r--source3/smbd/reply.c124
-rw-r--r--source3/smbd/sesssetup.c25
-rw-r--r--source3/smbd/trans2.c41
15 files changed, 307 insertions, 209 deletions
diff --git a/source3/smbd/aio.c b/source3/smbd/aio.c
index 6b403e1e36..0d4760a266 100644
--- a/source3/smbd/aio.c
+++ b/source3/smbd/aio.c
@@ -418,7 +418,7 @@ static int handle_aio_read_complete(struct aio_extra *aio_ex)
aio_ex->acb.aio_nbytes, (int)nread ) );
}
- smb_setlen(outbuf,outsize - 4,aio_ex->inbuf);
+ smb_setlen(aio_ex->inbuf,outbuf,outsize - 4);
show_msg(outbuf);
if (!send_smb(smbd_server_fd(),outbuf)) {
exit_server_cleanly("handle_aio_read_complete: send_smb "
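Review bot: `smb_setlen(aio_ex->inbuf,outbuf,outsize - 4);` is called without the `if(outsize > 4)` guard that send_blocking_reply (blocking.c) and construct_reply (process.c) keep around the same call in this commit. How `outsize` is computed lies outside this hunk, so the subtraction may be safe by construction. If it is, an assertion such as `SMB_ASSERT(outsize > 4);` before the call would record that; otherwise the same guard belongs here so a negative length is never written into the reply header.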
diff --git a/source3/smbd/blocking.c b/source3/smbd/blocking.c
index 58953bac11..d0caa29597 100644
--- a/source3/smbd/blocking.c
+++ b/source3/smbd/blocking.c
@@ -240,7 +240,7 @@ BOOL push_blocking_lock_request( struct byte_range_lock *br_lck,
static void send_blocking_reply(char *outbuf, int outsize, const char *inbuf)
{
if(outsize > 4) {
- smb_setlen(outbuf,outsize - 4, inbuf);
+ smb_setlen(inbuf, outbuf,outsize - 4);
}
if (!send_smb(smbd_server_fd(),outbuf)) {
@@ -260,7 +260,7 @@ static void reply_lockingX_success(blocking_lock_record *blr)
int outsize = 0;
construct_reply_common(inbuf, outbuf);
- set_message(outbuf,2,0,True);
+ set_message(inbuf,outbuf,2,0,True);
/*
* As this message is a lockingX call we must handle
@@ -525,7 +525,7 @@ static BOOL process_trans2(blocking_lock_record *blr)
SCVAL(outbuf,smb_com,SMBtrans2);
SSVAL(params,0,0);
/* Fake up max_data_bytes here - we know it fits. */
- send_trans2_replies(outbuf, max_send, params, 2, NULL, 0, 0xffff);
+ send_trans2_replies(inbuf, outbuf, max_send, params, 2, NULL, 0, 0xffff);
return True;
}
diff --git a/source3/smbd/error.c b/source3/smbd/error.c
index 0860b7d1d9..dc35c0fa64 100644
--- a/source3/smbd/error.c
+++ b/source3/smbd/error.c
@@ -29,7 +29,7 @@ extern uint32 global_client_caps;
Create an error packet from a cached error.
****************************************************************************/
-int cached_error_packet(char *outbuf,files_struct *fsp,int line,const char *file)
+int cached_error_packet(const char *inbuf,char *outbuf,files_struct *fsp,int line,const char *file)
{
write_bmpx_struct *wbmpx = fsp->wbmpx_ptr;
int32 eclass = wbmpx->wr_errclass;
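Review bot: The header comment above cached_error_packet still reads only "Create an error packet from a cached error." and says nothing about the new `inbuf` argument; the same gap applies to unix_error_packet and error_packet in the later hunks of this file. The visible code only forwards `inbuf` to `error_packet`, which hands it to `set_message`, so a line such as `inbuf: request buffer, read-only, passed through to set_message()` would tell callers what to supply (that it is the request being answered is presumed from the name). Whether NULL is acceptable is not visible in this diff and should be stated in the same comment. The body of cached_error_packet continues outside the hunk.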
@@ -38,14 +38,14 @@ int cached_error_packet(char *outbuf,files_struct *fsp,int line,const char *file
/* We can now delete the auxiliary struct */
SAFE_FREE(fsp->wbmpx_ptr);
- return error_packet(outbuf,eclass,err,ntstatus,line,file);
+ return error_packet(inbuf,outbuf,eclass,err,ntstatus,line,file);
}
/****************************************************************************
Create an error packet from errno.
****************************************************************************/
-int unix_error_packet(char *outbuf,int def_class,uint32 def_code, NTSTATUS def_status, int line, const char *file)
+int unix_error_packet(const char *inbuf,char *outbuf,int def_class,uint32 def_code, NTSTATUS def_status, int line, const char *file)
{
int eclass=def_class;
int ecode=def_code;
@@ -66,7 +66,7 @@ int unix_error_packet(char *outbuf,int def_class,uint32 def_code, NTSTATUS def_s
}
}
- return error_packet(outbuf,eclass,ecode,ntstatus,line,file);
+ return error_packet(inbuf,outbuf,eclass,ecode,ntstatus,line,file);
}
BOOL use_nt_status(void)
@@ -126,9 +126,9 @@ void error_packet_set(char *outbuf, uint8 eclass, uint32 ecode, NTSTATUS ntstatu
}
}
-int error_packet(char *outbuf, uint8 eclass, uint32 ecode, NTSTATUS ntstatus, int line, const char *file)
+int error_packet(const char *inbuf, char *outbuf, uint8 eclass, uint32 ecode, NTSTATUS ntstatus, int line, const char *file)
{
- int outsize = set_message(outbuf,0,0,True);
+ int outsize = set_message(inbuf,outbuf,0,0,True);
error_packet_set(outbuf, eclass, ecode, ntstatus, line, file);
return outsize;
}
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 6e5ff9f035..6b647fc72b 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -72,10 +72,13 @@ static void copy_trans_params_and_data(char *outbuf, int align,
Send a trans reply.
****************************************************************************/
-void send_trans_reply(char *outbuf,
- char *rparam, int rparam_len,
- char *rdata, int rdata_len,
- BOOL buffer_too_large)
+void send_trans_reply(const char *inbuf,
+ char *outbuf,
+ char *rparam,
+ int rparam_len,
+ char *rdata,
+ int rdata_len,
+ BOOL buffer_too_large)
{
int this_ldata,this_lparam;
int tot_data_sent = 0;
@@ -97,11 +100,11 @@ void send_trans_reply(char *outbuf,
ERROR_BOTH(STATUS_BUFFER_OVERFLOW,ERRDOS,ERRmoredata);
}
- set_message(outbuf,10,1+align+this_ldata+this_lparam,True);
+ set_message(inbuf,outbuf,10,1+align+this_ldata+this_lparam,True);
copy_trans_params_and_data(outbuf, align,
- rparam, tot_param_sent, this_lparam,
- rdata, tot_data_sent, this_ldata);
+ rparam, tot_param_sent, this_lparam,
+ rdata, tot_data_sent, this_ldata);
SSVAL(outbuf,smb_vwv0,lparam);
SSVAL(outbuf,smb_vwv1,ldata);
@@ -133,7 +136,7 @@ void send_trans_reply(char *outbuf,
align = (this_lparam%4);
- set_message(outbuf,10,1+this_ldata+this_lparam+align,False);
+ set_message(inbuf,outbuf,10,1+this_ldata+this_lparam+align,False);
copy_trans_params_and_data(outbuf, align,
rparam, tot_param_sent, this_lparam,
@@ -160,7 +163,9 @@ void send_trans_reply(char *outbuf,
Start the first part of an RPC reply which began with an SMBtrans request.
****************************************************************************/
-static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p)
+static BOOL api_rpc_trans_reply(const char *inbuf,
+ char *outbuf,
+ smb_np_struct *p)
{
BOOL is_data_outstanding;
char *rdata = (char *)SMB_MALLOC(p->max_trans_reply);
@@ -177,7 +182,7 @@ static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p)
return False;
}
- send_trans_reply(outbuf, NULL, 0, rdata, data_len, is_data_outstanding);
+ send_trans_reply(inbuf, outbuf, NULL, 0, rdata, data_len, is_data_outstanding);
SAFE_FREE(rdata);
return True;
@@ -187,7 +192,11 @@ static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p)
WaitNamedPipeHandleState
****************************************************************************/
-static BOOL api_WNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len)
+static BOOL api_WNPHS(const char *inbuf,
+ char *outbuf,
+ smb_np_struct *p,
+ char *param,
+ int param_len)
{
uint16 priority;
@@ -199,7 +208,7 @@ static BOOL api_WNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len
if (wait_rpc_pipe_hnd_state(p, priority)) {
/* now send the reply */
- send_trans_reply(outbuf, NULL, 0, NULL, 0, False);
+ send_trans_reply(inbuf, outbuf, NULL, 0, NULL, 0, False);
return True;
}
return False;
@@ -210,7 +219,11 @@ static BOOL api_WNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len
SetNamedPipeHandleState
****************************************************************************/
-static BOOL api_SNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len)
+static BOOL api_SNPHS(const char *inbuf,
+ char *outbuf,
+ smb_np_struct *p,
+ char *param,
+ int param_len)
{
uint16 id;
@@ -222,7 +235,7 @@ static BOOL api_SNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len
if (set_rpc_pipe_hnd_state(p, id)) {
/* now send the reply */
- send_trans_reply(outbuf, NULL, 0, NULL, 0, False);
+ send_trans_reply(inbuf, outbuf, NULL, 0, NULL, 0, False);
return True;
}
return False;
@@ -233,7 +246,7 @@ static BOOL api_SNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len
When no reply is generated, indicate unsupported.
****************************************************************************/
-static BOOL api_no_reply(char *outbuf, int max_rdata_len)
+static BOOL api_no_reply(const char *inbuf, char *outbuf, int max_rdata_len)
{
char rparam[4];
@@ -244,7 +257,7 @@ static BOOL api_no_reply(char *outbuf, int max_rdata_len)
DEBUG(3,("Unsupported API fd command\n"));
/* now send the reply */
- send_trans_reply(outbuf, rparam, 4, NULL, 0, False);
+ send_trans_reply(inbuf, outbuf, rparam, 4, NULL, 0, False);
return -1;
}
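Review bot: api_no_reply is declared `static BOOL` but its only visible return is `return -1;`, and api_fd_reply passes that value straight through as its own `int` result via `return api_no_reply(inbuf, outbuf, mdrcnt);`. This only works while BOOL is a plain integer typedef; if BOOL is, or later becomes, a real boolean type, the -1 collapses to 1 and the caller's -1 result is lost. Since the commit already rewrites the signature, declare it as `static int api_no_reply(const char *inbuf, char *outbuf, int max_rdata_len)`. The start of the function is outside this hunk.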
@@ -253,9 +266,18 @@ static BOOL api_no_reply(char *outbuf, int max_rdata_len)
Handle remote api calls delivered to a named pipe already opened.
****************************************************************************/
-static int api_fd_reply(connection_struct *conn,uint16 vuid,char *outbuf,
- uint16 *setup,char *data,char *params,
- int suwcnt,int tdscnt,int tpscnt,int mdrcnt,int mprcnt)
+static int api_fd_reply(connection_struct *conn,
+ uint16 vuid,
+ const char *inbuf,
+ char *outbuf,
+ uint16 *setup,
+ char *data,
+ char *params,
+ int suwcnt,
+ int tdscnt,
+ int tpscnt,
+ int mdrcnt,
+ int mprcnt)
{
BOOL reply = False;
smb_np_struct *p = NULL;
@@ -283,7 +305,7 @@ static int api_fd_reply(connection_struct *conn,uint16 vuid,char *outbuf,
/* Win9x does this call with a unicode pipe name, not a pnum. */
/* Just return success for now... */
DEBUG(3,("Got TRANSACT_WAITNAMEDPIPEHANDLESTATE on text pipe name\n"));
- send_trans_reply(outbuf, NULL, 0, NULL, 0, False);
+ send_trans_reply(inbuf, outbuf, NULL, 0, NULL, 0, False);
return -1;
}
@@ -309,51 +331,94 @@ static int api_fd_reply(connection_struct *conn,uint16 vuid,char *outbuf,
/* dce/rpc command */
reply = write_to_pipe(p, data, tdscnt);
if (reply)
- reply = api_rpc_trans_reply(outbuf, p);
+ reply = api_rpc_trans_reply(inbuf, outbuf, p);
break;
case TRANSACT_WAITNAMEDPIPEHANDLESTATE:
/* Wait Named Pipe Handle state */
- reply = api_WNPHS(outbuf, p, params, tpscnt);
+ reply = api_WNPHS(inbuf, outbuf, p, params, tpscnt);
break;
case TRANSACT_SETNAMEDPIPEHANDLESTATE:
/* Set Named Pipe Handle state */
- reply = api_SNPHS(outbuf, p, params, tpscnt);
+ reply = api_SNPHS(inbuf, outbuf, p, params, tpscnt);
break;
default:
return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
if (!reply)
- return api_no_reply(outbuf, mdrcnt);
+ return api_no_reply(inbuf, outbuf, mdrcnt);
return -1;
}
/****************************************************************************
- handle named pipe commands
- ****************************************************************************/
-static int named_pipe(connection_struct *conn,uint16 vuid, char *outbuf,char *name,
- uint16 *setup,char *data,char *params,
- int suwcnt,int tdscnt,int tpscnt,
- int msrcnt,int mdrcnt,int mprcnt)
+ Handle named pipe commands.
+****************************************************************************/
+
+static int named_pipe(connection_struct *conn,
+ uint16 vuid,
+ const char *inbuf,
+ char *outbuf,
+ char *name,
+ uint16 *setup,
+ char *data,
+ char *params,
+ int suwcnt,
+ int tdscnt,
+ int tpscnt,
+ int msrcnt,
+ int mdrcnt,
+ int mprcnt)
{
DEBUG(3,("named pipe command on <%s> name\n", name));
- if (strequal(name,"LANMAN"))
- return api_reply(conn,vuid,outbuf,data,params,tdscnt,tpscnt,mdrcnt,mprcnt);
+ if (strequal(name,"LANMAN")) {
+ return api_reply(conn,
+ vuid,
+ inbuf,
+ outbuf,
+ data,
+ params,
+ tdscnt,
+ tpscnt,
+ mdrcnt,
+ mprcnt);
+ }
if (strequal(name,"WKSSVC") ||
strequal(name,"SRVSVC") ||
strequal(name,"WINREG") ||
strequal(name,"SAMR") ||
- strequal(name,"LSARPC"))
- {
+ strequal(name,"LSARPC")) {
DEBUG(4,("named pipe command from Win95 (wow!)\n"));
- return api_fd_reply(conn,vuid,outbuf,setup,data,params,suwcnt,tdscnt,tpscnt,mdrcnt,mprcnt);
+ return api_fd_reply(conn,
+ vuid,
+ inbuf,
+ outbuf,
+ setup,
+ data,
+ params,
+ suwcnt,
+ tdscnt,
+ tpscnt,
+ mdrcnt,
+ mprcnt);
}
- if (strlen(name) < 1)
- return api_fd_reply(conn,vuid,outbuf,setup,data,params,suwcnt,tdscnt,tpscnt,mdrcnt,mprcnt);
+ if (strlen(name) < 1) {
+ return api_fd_reply(conn,
+ vuid,
+ inbuf,
+ outbuf,
+ setup,
+ data,
+ params,
+ suwcnt,
+ tdscnt,
+ tpscnt,
+ mdrcnt,
+ mprcnt);
+ }
if (setup)
DEBUG(3,("unknown named pipe: setup 0x%X setup1=%d\n", (int)setup[0],(int)setup[1]));
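Review bot: After the reformat, named_pipe carries two identical twelve-argument `api_fd_reply(...)` calls, one for the listed pipe names and one for the empty name. Each has five adjacent `int` counts, so an edit to one copy that transposes or misses an argument would compile silently. Folding both conditions into a single call keeps the argument list in one place and preserves the Win95 debug message; it needs a `BOOL is_rpc_pipe` local declared at the top of the function. The hunk also covers the tail of api_fd_reply, and the end of named_pipe is outside it.

```c
	/* … unchanged: initial DEBUG and LANMAN branch … */

	is_rpc_pipe = strequal(name,"WKSSVC") ||
		      strequal(name,"SRVSVC") ||
		      strequal(name,"WINREG") ||
		      strequal(name,"SAMR") ||
		      strequal(name,"LSARPC");

	if (is_rpc_pipe) {
		DEBUG(4,("named pipe command from Win95 (wow!)\n"));
	}

	if (is_rpc_pipe || strlen(name) < 1) {
		return api_fd_reply(conn, vuid, inbuf, outbuf,
				    setup, data, params,
				    suwcnt, tdscnt, tpscnt,
				    mdrcnt, mprcnt);
	}

	/* … unchanged: unknown-pipe DEBUG … */
```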
@@ -362,8 +427,10 @@ static int named_pipe(connection_struct *conn,uint16 vuid, char *outbuf,char *na
}
static NTSTATUS handle_trans(connection_struct *conn,
- struct trans_state *state,
- char *outbuf, int *outsize)
+ struct trans_state *state,
+ const char *inbuf,
+ char *outbuf,
+ int *outsize)
{
char *local_machine_name;
int name_offset = 0;
@@ -402,15 +469,18 @@ static NTSTATUS handle_trans(connection_struct *conn,
name_offset++;
DEBUG(5,("calling named_pipe\n"));
- *outsize = named_pipe(conn, state->vuid, outbuf,
- state->name+name_offset,
- state->setup,state->data,
- state->param,
- state->setup_count,state->total_data,
- state->total_param,
- state->max_setup_return,
- state->max_data_return,
- state->max_param_return);
+ *outsize = named_pipe(conn,
+ state->vuid,
+ inbuf,
+ outbuf,
+ state->name+name_offset,
+ state->setup,state->data,
+ state->param,
+ state->setup_count,state->total_data,
+ state->total_param,
+ state->max_setup_return,
+ state->max_data_return,
+ state->max_param_return);
if (*outsize == 0) {
return NT_STATUS_NOT_SUPPORTED;
@@ -426,8 +496,11 @@ static NTSTATUS handle_trans(connection_struct *conn,
Reply to a SMBtrans.
****************************************************************************/
-int reply_trans(connection_struct *conn, char *inbuf,char *outbuf,
- int size, int bufsize)
+int reply_trans(connection_struct *conn,
+ char *inbuf,
+ char *outbuf,
+ int size,
+ int bufsize)
{
int outsize = 0;
unsigned int dsoff = SVAL(inbuf, smb_dsoff);
@@ -552,7 +625,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf,
if ((state->received_param == state->total_param) &&
(state->received_data == state->total_data)) {
- result = handle_trans(conn, state, outbuf, &outsize);
+ result = handle_trans(conn, state, inbuf, outbuf, &outsize);
SAFE_FREE(state->data);
SAFE_FREE(state->param);
@@ -576,7 +649,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf,
/* We need to send an interim response then receive the rest
of the parameter/data bytes */
- outsize = set_message(outbuf,0,0,True);
+ outsize = set_message(inbuf,outbuf,0,0,True);
show_msg(outbuf);
END_PROFILE(SMBtrans);
return outsize;
@@ -687,7 +760,7 @@ int reply_transs(connection_struct *conn, char *inbuf,char *outbuf,
*/
SCVAL(outbuf,smb_com,SMBtrans);
- result = handle_trans(conn, state, outbuf, &outsize);
+ result = handle_trans(conn, state, inbuf, outbuf, &outsize);
DLIST_REMOVE(conn->pending_trans, state);
SAFE_FREE(state->data);
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 15e0284521..cd2750d759 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -4360,11 +4360,19 @@ static const struct {
/****************************************************************************
- Handle remote api calls
- ****************************************************************************/
+ Handle remote api calls.
+****************************************************************************/
-int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char *params,
- int tdscnt,int tpscnt,int mdrcnt,int mprcnt)
+int api_reply(connection_struct *conn,
+ uint16 vuid,
+ const char *inbuf,
+ char *outbuf,
+ char *data,
+ char *params,
+ int tdscnt,
+ int tpscnt,
+ int mdrcnt,
+ int mprcnt)
{
int api_command;
char *rdata = NULL;
@@ -4457,7 +4465,13 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char *
/* If api_Unsupported returns false we can't return anything. */
if (reply) {
- send_trans_reply(outbuf, rparam, rparam_len, rdata, rdata_len, False);
+ send_trans_reply(inbuf,
+ outbuf,
+ rparam,
+ rparam_len,
+ rdata,
+ rdata_len,
+ False);
}
SAFE_FREE(rdata);
diff --git a/source3/smbd/message.c b/source3/smbd/message.c
index fd53e60c14..e6a5015276 100644
--- a/source3/smbd/message.c
+++ b/source3/smbd/message.c
@@ -131,7 +131,7 @@ int reply_sends(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
return(ERROR_DOS(ERRSRV,ERRmsgoff));
}
- outsize = set_message(outbuf,0,0,True);
+ outsize = set_message(inbuf,outbuf,0,0,True);
p = smb_buf(inbuf)+1;
p += srvstr_pull_buf(inbuf, msgfrom, p, sizeof(msgfrom), STR_ASCII|STR_TERMINATE) + 1;
@@ -170,7 +170,7 @@ int reply_sendstrt(connection_struct *conn, char *inbuf,char *outbuf, int dum_si
return(ERROR_DOS(ERRSRV,ERRmsgoff));
}
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
memset(msgbuf,'\0',sizeof(msgbuf));
msgpos = 0;
@@ -202,7 +202,7 @@ int reply_sendtxt(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz
return(ERROR_DOS(ERRSRV,ERRmsgoff));
}
- outsize = set_message(outbuf,0,0,True);
+ outsize = set_message(inbuf,outbuf,0,0,True);
msg = smb_buf(inbuf) + 1;
@@ -233,7 +233,7 @@ int reply_sendend(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz
return(ERROR_DOS(ERRSRV,ERRmsgoff));
}
- outsize = set_message(outbuf,0,0,True);
+ outsize = set_message(inbuf,outbuf,0,0,True);
DEBUG(3,("SMBsendend\n"));
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index e1df08579d..1722c81d2a 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -56,7 +56,7 @@ static void get_challenge(char buff[8])
static int reply_corep(char *inbuf, char *outbuf)
{
- int outsize = set_message(outbuf,1,0,True);
+ int outsize = set_message(inbuf,outbuf,1,0,True);
Protocol = PROTOCOL_CORE;
@@ -70,7 +70,7 @@ static int reply_corep(char *inbuf, char *outbuf)
static int reply_coreplus(char *inbuf, char *outbuf)
{
int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0);
- int outsize = set_message(outbuf,13,0,True);
+ int outsize = set_message(inbuf,outbuf,13,0,True);
SSVAL(outbuf,smb_vwv5,raw); /* tell redirector we support
readbraw and writebraw (possibly) */
/* Reply, SMBlockread, SMBwritelock supported. */
@@ -99,7 +99,7 @@ static int reply_lanman1(char *inbuf, char *outbuf)
if (global_encrypted_passwords_negotiated)
secword |= NEGOTIATE_SECURITY_CHALLENGE_RESPONSE;
- set_message(outbuf,13,global_encrypted_passwords_negotiated?8:0,True);
+ set_message(inbuf,outbuf,13,global_encrypted_passwords_negotiated?8:0,True);
SSVAL(outbuf,smb_vwv1,secword);
/* Create a token value and add it to the outgoing packet. */
if (global_encrypted_passwords_negotiated) {
@@ -141,7 +141,7 @@ static int reply_lanman2(char *inbuf, char *outbuf)
if (global_encrypted_passwords_negotiated)
secword |= NEGOTIATE_SECURITY_CHALLENGE_RESPONSE;
- set_message(outbuf,13,global_encrypted_passwords_negotiated?8:0,True);
+ set_message(inbuf,outbuf,13,global_encrypted_passwords_negotiated?8:0,True);
SSVAL(outbuf,smb_vwv1,secword);
SIVAL(outbuf,smb_vwv6,sys_getpid());
@@ -325,7 +325,7 @@ static int reply_nt1(char *inbuf, char *outbuf)
}
}
- set_message(outbuf,17,0,True);
+ set_message(inbuf,outbuf,17,0,True);
SCVAL(outbuf,smb_vwv1,secword);
@@ -369,7 +369,7 @@ static int reply_nt1(char *inbuf, char *outbuf)
}
SSVAL(outbuf,smb_vwv17, p - q); /* length of challenge+domain strings */
- set_message_end(outbuf, p);
+ set_message_end(inbuf,outbuf, p);
return (smb_len(outbuf)+4);
}
@@ -485,7 +485,7 @@ int reply_negprot(connection_struct *conn,
char *inbuf,char *outbuf, int dum_size,
int dum_buffsize)
{
- int outsize = set_message(outbuf,1,0,True);
+ int outsize = set_message(inbuf,outbuf,1,0,True);
int Index=0;
int choice= -1;
int protocol;
diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c
index cf60720bc7..d18bbb180f 100644
--- a/source3/smbd/notify.c
+++ b/source3/smbd/notify.c
@@ -107,6 +107,7 @@ static BOOL notify_marshall_changes(int num_changes,
static void change_notify_reply_packet(const char *request_buf,
NTSTATUS error_code)
{
+ const char *inbuf = request_buf;
char outbuf[smb_size+38];
memset(outbuf, '\0', sizeof(outbuf));
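Review bot: The added `const char *inbuf = request_buf;` has no comment explaining why a second name for the same pointer is needed, while change_notify_reply in the same file passes `request_buf` straight to `send_nt_replies`. The alias may exist because the error macros used later in this function expand to code that refers to a local called `inbuf`. That expansion is not visible in this diff, though `ERROR_NT(nt_error)` is invoked with no buffer arguments elsewhere in the commit. If so, say it at the declaration: `/* ERROR_* macros reference a local named inbuf */`. Otherwise drop the alias and pass `request_buf` to `set_message` directly. The function body continues outside the hunk.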
@@ -118,7 +119,7 @@ static void change_notify_reply_packet(const char *request_buf,
* Seems NT needs a transact command with an error code
* in it. This is a longer packet than a simple error.
*/
- set_message(outbuf,18,0,False);
+ set_message(inbuf,outbuf,18,0,False);
show_msg(outbuf);
if (!send_smb(smbd_server_fd(),outbuf))
@@ -161,7 +162,7 @@ void change_notify_reply(const char *request_buf, uint32 max_param_count,
construct_reply_common(request_buf, outbuf);
- if (send_nt_replies(outbuf, buflen, NT_STATUS_OK, prs_data_p(&ps),
+ if (send_nt_replies(request_buf, outbuf, buflen, NT_STATUS_OK, prs_data_p(&ps),
prs_offset(&ps), NULL, 0) == -1) {
exit_server("change_notify_reply_packet: send_smb failed.");
}
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 94de1c709c..fa9828ae03 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -68,8 +68,14 @@ static char *nttrans_realloc(char **ptr, size_t size)
HACK ! Always assumes smb_setup field is zero.
****************************************************************************/
-int send_nt_replies(char *outbuf, int bufsize, NTSTATUS nt_error,
- char *params, int paramsize, char *pdata, int datasize)
+int send_nt_replies(const char *inbuf,
+ char *outbuf,
+ int bufsize,
+ NTSTATUS nt_error,
+ char *params,
+ int paramsize,
+ char *pdata,
+ int datasize)
{
int data_to_send = datasize;
int params_to_send = paramsize;
@@ -85,7 +91,7 @@ int send_nt_replies(char *outbuf, int bufsize, NTSTATUS nt_error,
* transNT replies.
*/
- set_message(outbuf,18,0,True);
+ set_message(inbuf,outbuf,18,0,True);
if (NT_STATUS_V(nt_error)) {
ERROR_NT(nt_error);
@@ -149,7 +155,7 @@ int send_nt_replies(char *outbuf, int bufsize, NTSTATUS nt_error,
total_sent_thistime = MIN(total_sent_thistime, useable_space);
- set_message(outbuf, 18, total_sent_thistime, True);
+ set_message(inbuf,outbuf, 18, total_sent_thistime, True);
/*
* Set total params and data to be sent.
@@ -392,10 +398,10 @@ static int do_ntcreate_pipe_open(connection_struct *conn,
* the wcnt to 42 ? It's definately
* what happens on the wire....
*/
- set_message(outbuf,50,0,True);
+ set_message(inbuf,outbuf,50,0,True);
SCVAL(outbuf,smb_wct,42);
} else {
- set_message(outbuf,34,0,True);
+ set_message(inbuf,outbuf,34,0,True);
}
p = outbuf + smb_vwv2;
@@ -454,7 +460,7 @@ int reply_ntcreate_and_X_quota(connection_struct *conn,
return ERROR_NT(status);
}
- set_message(outbuf,34,0,True);
+ set_message(inbuf,outbuf,34,0,True);
p = outbuf + smb_vwv2;
@@ -876,10 +882,10 @@ int reply_ntcreate_and_X(connection_struct *conn,
* the wcnt to 42 ? It's definately
* what happens on the wire....
*/
- set_message(outbuf,50,0,True);
+ set_message(inbuf,outbuf,50,0,True);
SCVAL(outbuf,smb_wct,42);
} else {
- set_message(outbuf,34,0,True);
+ set_message(inbuf,outbuf,34,0,True);
}
p = outbuf + smb_vwv2;
@@ -1042,7 +1048,7 @@ static int do_nt_transact_create_pipe( connection_struct *conn, char *inbuf, cha
DEBUG(5,("do_nt_transact_create_pipe: open name = %s\n", fname));
/* Send the required number of replies */
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, param_len, *ppdata, 0);
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, params, param_len, *ppdata, 0);
return -1;
}
@@ -1637,7 +1643,7 @@ static int call_nt_transact_create(connection_struct *conn, char *inbuf, char *o
DEBUG(5,("call_nt_transact_create: open name = %s\n", fname));
/* Send the required number of replies */
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, param_len, *ppdata, 0);
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, params, param_len, *ppdata, 0);
return -1;
}
@@ -1898,7 +1904,7 @@ int reply_ntrename(connection_struct *conn,
return ERROR_NT(status);
}
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
END_PROFILE(SMBntrename);
return(outsize);
@@ -2045,7 +2051,7 @@ static int call_nt_transact_rename(connection_struct *conn, char *inbuf, char *o
/*
* Rename was successful.
*/
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0);
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0);
DEBUG(3,("nt transact rename from = %s, to = %s succeeded.\n",
fsp->fsp_name, new_name));
@@ -2133,7 +2139,7 @@ static int call_nt_transact_query_security_desc(connection_struct *conn, char *i
if(max_data_count < sd_size) {
- send_nt_replies(outbuf, bufsize, NT_STATUS_BUFFER_TOO_SMALL,
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_BUFFER_TOO_SMALL,
params, 4, *ppdata, 0);
talloc_destroy(mem_ctx);
return -1;
@@ -2182,7 +2188,7 @@ security descriptor.\n"));
talloc_destroy(mem_ctx);
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, 4, data,
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, params, 4, data,
(int)sd_size);
return -1;
}
@@ -2229,7 +2235,7 @@ static int call_nt_transact_set_security_desc(connection_struct *conn, char *inb
done:
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0);
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0);
return -1;
}
@@ -2275,7 +2281,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou
so we can know if we need to pre-allocate or not */
DEBUG(10,("FSCTL_SET_SPARSE: called on FID[0x%04X](but not implemented)\n", fidnum));
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL,
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL,
0);
return -1;
@@ -2285,7 +2291,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou
*/
DEBUG(10,("FSCTL_0x000900C0: called on FID[0x%04X](but not implemented)\n",fidnum));
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL,
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL,
0);
return -1;
@@ -2295,7 +2301,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou
*/
DEBUG(10,("FSCTL_GET_REPARSE_POINT: called on FID[0x%04X](but not implemented)\n",fidnum));
- send_nt_replies(outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT,
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT,
NULL, 0, NULL, 0);
return -1;
@@ -2305,7 +2311,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou
*/
DEBUG(10,("FSCTL_SET_REPARSE_POINT: called on FID[0x%04X](but not implemented)\n",fidnum));
- send_nt_replies(outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT,
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT,
NULL, 0, NULL, 0);
return -1;
@@ -2419,7 +2425,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou
talloc_destroy(shadow_data->mem_ctx);
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0,
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0,
pdata, data_count);
return -1;
@@ -2472,7 +2478,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou
*/
/* this works for now... */
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0,
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0,
NULL, 0);
return -1;
}
@@ -2739,7 +2745,7 @@ static int call_nt_transact_get_user_quota(connection_struct *conn, char *inbuf,
break;
}
- send_nt_replies(outbuf, bufsize, nt_status, params, param_len,
+ send_nt_replies(inbuf, outbuf, bufsize, nt_status, params, param_len,
pdata, data_len);
return -1;
@@ -2857,7 +2863,7 @@ static int call_nt_transact_set_user_quota(connection_struct *conn, char *inbuf,
return ERROR_DOS(ERRSRV,ERRerror);
}
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, param_len,
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, params, param_len,
pdata, data_len);
return -1;
@@ -3141,7 +3147,7 @@ int reply_nttrans(connection_struct *conn,
/* We need to send an interim response then receive the rest
of the parameter/data bytes */
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
show_msg(outbuf);
END_PROFILE(SMBnttrans);
return outsize;
diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c
index 423d6b3a99..26ee52b797 100644
--- a/source3/smbd/oplock.c
+++ b/source3/smbd/oplock.c
@@ -259,7 +259,7 @@ static char *new_break_smb_message(TALLOC_CTX *mem_ctx,
}
memset(result,'\0',smb_size);
- set_message(result,8,0,True);
+ set_message(NULL,result,8,0,True);
SCVAL(result,smb_com,SMBlockingX);
SSVAL(result,smb_tid,fsp->conn->cnum);
SSVAL(result,smb_pid,0xFFFF);
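Review bot: `set_message(NULL,result,8,0,True);` is the only call in the visible part of this commit that passes NULL for the new `inbuf` argument; every other caller passes a live request buffer. set_message and smb_setlen are defined outside this diff, so it cannot be seen here whether they test for NULL before reading from `inbuf`. If either dereferences it unconditionally, building an oplock break message would fault. Please confirm the NULL case is handled in both and record the intent at the call site, e.g. `/* No request buffer: the oplock break is server-initiated. */`.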
diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c
index 52660da2ff..bec2f19f86 100644
--- a/source3/smbd/pipes.c
+++ b/source3/smbd/pipes.c
@@ -108,7 +108,7 @@ int reply_open_pipe_and_X(connection_struct *conn,
}
/* Prepare the reply */
- set_message(outbuf,15,0,True);
+ set_message(inbuf,outbuf,15,0,True);
/* Mark the opened file as an existing named pipe in message mode. */
SSVAL(outbuf,smb_vwv9,2);
@@ -162,7 +162,7 @@ int reply_pipe_write(char *inbuf,char *outbuf,int length,int dum_bufsize)
return (UNIXERROR(ERRDOS,ERRnoaccess));
}
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SSVAL(outbuf,smb_vwv0,nwritten);
@@ -224,7 +224,7 @@ int reply_pipe_write_and_X(char *inbuf,char *outbuf,int length,int bufsize)
return (UNIXERROR(ERRDOS,ERRnoaccess));
}
- set_message(outbuf,6,0,True);
+ set_message(inbuf,outbuf,6,0,True);
nwritten = (pipe_start_message_raw ? nwritten + 2 : nwritten);
SSVAL(outbuf,smb_vwv2,nwritten);
@@ -260,7 +260,7 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize)
return(ERROR_DOS(ERRDOS,ERRbadfid));
}
- set_message(outbuf,12,0,True);
+ set_message(inbuf,outbuf,12,0,True);
data = smb_buf(outbuf);
nread = read_from_pipe(p, data, smb_maxcnt, &unused);
@@ -277,7 +277,7 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize)
p->pnum, smb_mincnt, smb_maxcnt, nread));
/* Ensure we set up the message length to include the data length read. */
- set_message_bcc(outbuf,nread);
+ set_message_bcc(inbuf,outbuf,nread);
return chain_reply(inbuf,outbuf,length,bufsize);
}
@@ -288,7 +288,7 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize)
int reply_pipe_close(connection_struct *conn, char *inbuf,char *outbuf)
{
smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv0);
- int outsize = set_message(outbuf,0,0,True);
+ int outsize = set_message(inbuf,outbuf,0,0,True);
if (!p) {
return(ERROR_DOS(ERRDOS,ERRbadfid));
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index c6bcfb7394..ff1170f552 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -1040,7 +1040,7 @@ static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
outsize += chain_size;
if(outsize > 4) {
- smb_setlen(outbuf,outsize - 4, inbuf);
+ smb_setlen(inbuf,outbuf,outsize - 4);
}
return(outsize);
}
@@ -1129,7 +1129,7 @@ void remove_from_common_flags2(uint32 v)
void construct_reply_common(const char *inbuf, char *outbuf)
{
- set_message(outbuf,0,0,False);
+ set_message(inbuf,outbuf,0,0,False);
SCVAL(outbuf,smb_com,CVAL(inbuf,smb_com));
SIVAL(outbuf,smb_rcls,0);
@@ -1220,7 +1220,7 @@ int chain_reply(char *inbuf,char *outbuf,int size,int bufsize)
}
/* And set it in the header. */
- smb_setlen(inbuf2, new_size, inbuf);
+ smb_setlen(inbuf, inbuf2, new_size);
/* create the out buffer */
construct_reply_common(inbuf2, outbuf2);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 1b6f861cb8..bf739aa643 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -303,7 +303,7 @@ int reply_special(char *inbuf,char *outbuf)
memset(outbuf,'\0',smb_size);
- smb_setlen(outbuf,0,inbuf);
+ smb_setlen(inbuf,outbuf,0);
switch (msg_type) {
case 0x81: /* session request */
@@ -421,7 +421,7 @@ int reply_tcon(connection_struct *conn,
return ERROR_NT(nt_status);
}
- outsize = set_message(outbuf,2,0,True);
+ outsize = set_message(inbuf,outbuf,2,0,True);
SSVAL(outbuf,smb_vwv0,max_recv);
SSVAL(outbuf,smb_vwv1,conn->cnum);
SSVAL(outbuf,smb_tid,conn->cnum);
@@ -523,11 +523,11 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt
server_devicetype = "A:";
if (Protocol < PROTOCOL_NT1) {
- set_message(outbuf,2,0,True);
+ set_message(inbuf,outbuf,2,0,True);
p = smb_buf(outbuf);
p += srvstr_push(outbuf, p, server_devicetype, -1,
STR_TERMINATE|STR_ASCII);
- set_message_end(outbuf,p);
+ set_message_end(inbuf,outbuf,p);
} else {
/* NT sets the fstype of IPC$ to the null string */
const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
@@ -537,7 +537,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt
uint32 perm1 = 0;
uint32 perm2 = 0;
- set_message(outbuf,7,0,True);
+ set_message(inbuf,outbuf,7,0,True);
if (IS_IPC(conn)) {
perm1 = FILE_ALL_ACCESS;
@@ -551,7 +551,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt
SIVAL(outbuf, smb_vwv3, perm1);
SIVAL(outbuf, smb_vwv5, perm2);
} else {
- set_message(outbuf,3,0,True);
+ set_message(inbuf,outbuf,3,0,True);
}
p = smb_buf(outbuf);
@@ -560,7 +560,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt
p += srvstr_push(outbuf, p, fstype, -1,
STR_TERMINATE);
- set_message_end(outbuf,p);
+ set_message_end(inbuf,outbuf,p);
/* what does setting this bit do? It is set by NT4 and
may affect the ability to autorun mounted cdroms */
@@ -623,7 +623,7 @@ int reply_ioctl(connection_struct *conn,
return(ERROR_DOS(ERRSRV,ERRnosupport));
}
- outsize = set_message(outbuf,8,replysize+1,True);
+ outsize = set_message(inbuf,outbuf,8,replysize+1,True);
SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */
SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
SSVAL(outbuf,smb_vwv6,52); /* Offset to data */
@@ -719,7 +719,7 @@ int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_s
return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath);
}
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
END_PROFILE(SMBcheckpath);
return outsize;
@@ -815,7 +815,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size
}
}
- outsize = set_message(outbuf,10,0,True);
+ outsize = set_message(inbuf,outbuf,10,0,True);
SSVAL(outbuf,smb_vwv0,mode);
if(lp_dos_filetime_resolution(SNUM(conn)) ) {
@@ -908,7 +908,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size
return UNIXERROR(ERRDOS, ERRnoaccess);
}
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
@@ -931,7 +931,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz
return(UNIXERROR(ERRHRD,ERRgeneral));
}
- outsize = set_message(outbuf,5,0,True);
+ outsize = set_message(inbuf,outbuf,5,0,True);
if (Protocol <= PROTOCOL_LANMAN2) {
double total_space, free_space;
@@ -1010,7 +1010,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size
expect_close = True;
}
- outsize = set_message(outbuf,1,3,True);
+ outsize = set_message(inbuf,outbuf,1,3,True);
maxentries = SVAL(inbuf,smb_vwv0);
dirtype = SVAL(inbuf,smb_vwv1);
p = smb_buf(inbuf) + 1;
@@ -1182,7 +1182,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size
SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
outsize += DIR_STRUCT_SIZE*numentries;
- smb_setlen(outbuf,outsize - 4,inbuf);
+ smb_setlen(inbuf,outbuf,outsize - 4);
if ((! *directory) && dptr_path(dptr_num))
slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
@@ -1217,7 +1217,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size
return reply_unknown(inbuf, outbuf);
}
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
p = smb_buf(inbuf) + 1;
p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard);
if (!NT_STATUS_IS_OK(err)) {
@@ -1336,7 +1336,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
return ERROR_DOS(ERRDOS,ERRnoaccess);
}
- outsize = set_message(outbuf,7,0,True);
+ outsize = set_message(inbuf,outbuf,7,0,True);
SSVAL(outbuf,smb_vwv0,fsp->fnum);
SSVAL(outbuf,smb_vwv1,fattr);
if(lp_dos_filetime_resolution(SNUM(conn)) ) {
@@ -1512,9 +1512,9 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt
}
if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
- set_message(outbuf,19,0,True);
+ set_message(inbuf,outbuf,19,0,True);
} else {
- set_message(outbuf,15,0,True);
+ set_message(inbuf,outbuf,15,0,True);
}
SSVAL(outbuf,smb_vwv2,fsp->fnum);
SSVAL(outbuf,smb_vwv3,fattr);
@@ -1556,7 +1556,7 @@ int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,
invalidate_vuid(vuid);
- set_message(outbuf,2,0,True);
+ set_message(inbuf,outbuf,2,0,True);
DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) );
@@ -1651,7 +1651,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
ts[0] = get_atimespec(&sbuf); /* atime. */
file_ntimes(conn, fname, ts);
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SSVAL(outbuf,smb_vwv0,fsp->fnum);
if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
@@ -1750,7 +1750,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
return ERROR_NT(status);
}
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SSVAL(outbuf,smb_vwv0,fsp->fnum);
/* the returned filename is relative to the directory */
@@ -1769,7 +1769,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
#endif
namelen = srvstr_push(outbuf, p, s, -1, STR_ASCII|STR_TERMINATE);
p += namelen;
- outsize = set_message_end(outbuf, p);
+ outsize = set_message_end(inbuf,outbuf, p);
if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
@@ -2131,7 +2131,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size
return ERROR_NT(status);
}
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
END_PROFILE(SMBunlink);
return outsize;
@@ -2402,7 +2402,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length
numtoread = SVAL(inbuf,smb_vwv1);
startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
- outsize = set_message(outbuf,5,3,True);
+ outsize = set_message(inbuf,outbuf,5,3,True);
numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
data = smb_buf(outbuf) + 3;
@@ -2483,7 +2483,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int
numtoread = SVAL(inbuf,smb_vwv1);
startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
- outsize = set_message(outbuf,5,3,True);
+ outsize = set_message(inbuf,outbuf,5,3,True);
numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
/*
* The requested read size cannot be greater than max_recv. JRA.
@@ -2570,7 +2570,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length
SSVAL(outbuf,smb_vwv7,((smb_maxcnt >> 16) & 1));
SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
SCVAL(outbuf,smb_vwv0,0xFF);
- set_message(outbuf,12,smb_maxcnt,False);
+ set_message(inbuf,outbuf,12,smb_maxcnt,False);
header.data = (uint8 *)outbuf;
header.length = data - outbuf;
header.free = NULL;
@@ -2625,7 +2625,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length
return(UNIXERROR(ERRDOS,ERRnoaccess));
}
- outsize = set_message(outbuf,12,nread,False);
+ outsize = set_message(inbuf,outbuf,12,nread,False);
SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
SSVAL(outbuf,smb_vwv5,nread);
SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
@@ -2666,7 +2666,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt
return(ERROR_DOS(ERRDOS,ERRbadaccess));
}
- set_message(outbuf,12,0,True);
+ set_message(inbuf,outbuf,12,0,True);
if (global_client_caps & CAP_LARGE_READX) {
if (SVAL(inbuf,smb_vwv7) == 1) {
@@ -2790,7 +2790,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size,
/* Return a message to the redirector to tell it to send more bytes */
SCVAL(outbuf,smb_com,SMBwritebraw);
SSVALS(outbuf,smb_vwv0,-1);
- outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
+ outsize = set_message(inbuf,outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
show_msg(outbuf);
if (!send_smb(smbd_server_fd(),outbuf))
exit_server_cleanly("reply_writebraw: send_smb failed.");
@@ -2804,7 +2804,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size,
numtowrite = smb_len(inbuf);
/* Set up outbuf to return the correct return */
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SCVAL(outbuf,smb_com,SMBwritec);
if (numtowrite != 0) {
@@ -2928,7 +2928,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf,
}
}
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SSVAL(outbuf,smb_vwv0,nwritten);
@@ -3006,7 +3006,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d
return(UNIXERROR(ERRHRD,ERRdiskfull));
}
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SSVAL(outbuf,smb_vwv0,nwritten);
@@ -3049,7 +3049,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng
return(ERROR_DOS(ERRDOS,ERRbadaccess));
}
- set_message(outbuf,6,0,True);
+ set_message(inbuf,outbuf,6,0,True);
/* Deal with possible LARGE_WRITEX */
if (large_writeX) {
@@ -3196,7 +3196,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int
fsp->fh->pos = res;
- outsize = set_message(outbuf,2,0,True);
+ outsize = set_message(inbuf,outbuf,2,0,True);
SIVAL(outbuf,smb_vwv0,res);
DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
@@ -3212,7 +3212,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int
int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
{
- int outsize = set_message(outbuf,0,0,False);
+ int outsize = set_message(inbuf,outbuf,0,0,False);
uint16 fnum = SVAL(inbuf,smb_vwv0);
files_struct *fsp = file_fsp(inbuf,smb_vwv0);
START_PROFILE(SMBflush);
@@ -3244,7 +3244,7 @@ int reply_exit(connection_struct *conn,
file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid));
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
DEBUG(3,("exit\n"));
@@ -3264,7 +3264,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size,
files_struct *fsp = NULL;
START_PROFILE(SMBclose);
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
/* If it's an IPC, pass off to the pipe handler. */
if (IS_IPC(conn)) {
@@ -3384,7 +3384,7 @@ int reply_writeclose(connection_struct *conn,
return ERROR_NT(close_status);
}
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SSVAL(outbuf,smb_vwv0,nwritten);
END_PROFILE(SMBwriteclose);
@@ -3401,7 +3401,7 @@ int reply_writeclose(connection_struct *conn,
int reply_lock(connection_struct *conn,
char *inbuf,char *outbuf, int length, int dum_buffsize)
{
- int outsize = set_message(outbuf,0,0,False);
+ int outsize = set_message(inbuf,outbuf,0,0,False);
SMB_BIG_UINT count,offset;
NTSTATUS status;
files_struct *fsp = file_fsp(inbuf,smb_vwv0);
@@ -3446,7 +3446,7 @@ int reply_lock(connection_struct *conn,
int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
int dum_buffsize)
{
- int outsize = set_message(outbuf,0,0,False);
+ int outsize = set_message(inbuf,outbuf,0,0,False);
SMB_BIG_UINT count,offset;
NTSTATUS status;
files_struct *fsp = file_fsp(inbuf,smb_vwv0);
@@ -3486,7 +3486,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
int reply_tdis(connection_struct *conn,
char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
{
- int outsize = set_message(outbuf,0,0,False);
+ int outsize = set_message(inbuf,outbuf,0,0,False);
uint16 vuid;
START_PROFILE(SMBtdis);
@@ -3517,7 +3517,7 @@ int reply_echo(connection_struct *conn,
int smb_reverb = SVAL(inbuf,smb_vwv0);
int seq_num;
unsigned int data_len = smb_buflen(inbuf);
- int outsize = set_message(outbuf,1,data_len,True);
+ int outsize = set_message(inbuf,outbuf,1,data_len,True);
START_PROFILE(SMBecho);
if (data_len > BUFFER_SIZE) {
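Review bot: In reply_echo, `set_message(inbuf,outbuf,1,data_len,True)` runs in the declaration list, before the `if (data_len > BUFFER_SIZE)` check that follows it, and data_len comes straight from the request via `smb_buflen(inbuf)`. If set_message clears or sizes the reply from that byte count when its last argument is True (its body is not shown here), the check arrives too late to protect outbuf. Declaring `int outsize;` and moving `outsize = set_message(inbuf,outbuf,1,data_len,True);` to just after the length check keeps validation ahead of the first use of the client-supplied length. The function body continues outside this hunk.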
@@ -3538,7 +3538,7 @@ int reply_echo(connection_struct *conn,
for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
SSVAL(outbuf,smb_vwv0,seq_num);
- smb_setlen(outbuf,outsize - 4,inbuf);
+ smb_setlen(inbuf,outbuf,outsize - 4);
show_msg(outbuf);
if (!send_smb(smbd_server_fd(),outbuf))
@@ -3579,7 +3579,7 @@ int reply_printopen(connection_struct *conn,
return(ERROR_NT(status));
}
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SSVAL(outbuf,smb_vwv0,fsp->fnum);
DEBUG(3,("openprint fd=%d fnum=%d\n",
@@ -3596,7 +3596,7 @@ int reply_printopen(connection_struct *conn,
int reply_printclose(connection_struct *conn,
char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
{
- int outsize = set_message(outbuf,0,0,False);
+ int outsize = set_message(inbuf,outbuf,0,0,False);
files_struct *fsp = file_fsp(inbuf,smb_vwv0);
NTSTATUS status;
START_PROFILE(SMBsplclose);
@@ -3629,7 +3629,7 @@ int reply_printclose(connection_struct *conn,
int reply_printqueue(connection_struct *conn,
char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
{
- int outsize = set_message(outbuf,2,3,True);
+ int outsize = set_message(inbuf,outbuf,2,3,True);
int max_count = SVAL(inbuf,smb_vwv0);
int start_index = SVAL(inbuf,smb_vwv1);
START_PROFILE(SMBsplretq);
@@ -3677,7 +3677,7 @@ int reply_printqueue(connection_struct *conn,
}
if (count > 0) {
- outsize = set_message(outbuf,2,28*count+3,False);
+ outsize = set_message(inbuf,outbuf,2,28*count+3,False);
SSVAL(outbuf,smb_vwv0,count);
SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1));
SCVAL(smb_buf(outbuf),0,1);
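Review bot: The byte count `28*count+3` passed to set_message in this hunk has no visible bound against the reply buffer, and the function's buffer-size parameter is named `dum_buffsize`, which suggests it is not consulted. Whether count is clamped earlier cannot be seen from here. If it is not, a clamp in the style reply_read uses, `count = MIN(count, (BUFFER_SIZE - outsize) / 28);`, placed before the entries are written would keep the reply inside outbuf. The literal 28 is presumably the per-entry size and would read better as a named constant. reply_printqueue starts and ends outside this hunk.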
@@ -3700,7 +3700,7 @@ int reply_printqueue(connection_struct *conn,
int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
{
int numtowrite;
- int outsize = set_message(outbuf,0,0,False);
+ int outsize = set_message(inbuf,outbuf,0,0,False);
char *data;
files_struct *fsp = file_fsp(inbuf,smb_vwv0);
@@ -3791,7 +3791,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
return ERROR_NT(status);
}
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) );
@@ -4002,7 +4002,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
return ERROR_NT(status);
}
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
DEBUG( 3, ( "rmdir %s\n", directory ) );
@@ -4763,7 +4763,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
return ERROR_NT(status);
}
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
END_PROFILE(SMBmv);
return(outsize);
@@ -5110,7 +5110,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
return ERROR_DOS(ERRDOS,error);
}
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SSVAL(outbuf,smb_vwv0,count);
END_PROFILE(SMBcopy);
@@ -5159,7 +5159,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size
set_conn_connectpath(conn,newdir);
}
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh));
DEBUG(3,("setdir %s\n", newdir));
@@ -5605,7 +5605,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf,
return ERROR_NT(status);
}
- set_message(outbuf,2,0,True);
+ set_message(inbuf,outbuf,2,0,True);
DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
@@ -5641,7 +5641,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,
return ERROR_DOS(ERRSRV,ERRuseSTD);
}
- outsize = set_message(outbuf,8,0,True);
+ outsize = set_message(inbuf,outbuf,8,0,True);
CHECK_FSP(fsp,conn);
if (!CHECK_READ(fsp,inbuf)) {
@@ -5677,7 +5677,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,
if (nread < (ssize_t)N)
tcount = total_read + nread;
- set_message(outbuf,8,nread+pad,False);
+ set_message(inbuf,outbuf,8,nread+pad,False);
SIVAL(outbuf,smb_vwv0,startpos);
SSVAL(outbuf,smb_vwv2,tcount);
SSVAL(outbuf,smb_vwv6,nread);
@@ -5706,7 +5706,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size,
files_struct *fsp = file_fsp(inbuf,smb_vwv0);
START_PROFILE(SMBsetattrE);
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf,outbuf,0,0,False);
if(!fsp || (fsp->conn != conn)) {
END_PROFILE(SMBsetattrE);
@@ -5837,7 +5837,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size,
SMBwritebmpx */
SCVAL(outbuf,smb_com,SMBwriteBmpx);
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */
@@ -5846,13 +5846,13 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size,
if (write_through && tcount==nwritten) {
/* We need to send both a primary and a secondary response */
- smb_setlen(outbuf,outsize - 4,inbuf);
+ smb_setlen(inbuf,outbuf,outsize - 4);
show_msg(outbuf);
if (!send_smb(smbd_server_fd(),outbuf))
exit_server_cleanly("reply_writebmpx: send_smb failed.");
/* Now the secondary */
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SCVAL(outbuf,smb_com,SMBwritec);
SSVAL(outbuf,smb_vwv0,nwritten);
}
@@ -5938,7 +5938,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz
wbms->wr_total_written += nwritten;
if(wbms->wr_total_written >= tcount) {
if (write_through) {
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(inbuf,outbuf,1,0,True);
SSVAL(outbuf,smb_vwv0,wbms->wr_total_written);
send_response = True;
}
@@ -5968,7 +5968,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size,
files_struct *fsp = file_fsp(inbuf,smb_vwv0);
START_PROFILE(SMBgetattrE);
- outsize = set_message(outbuf,11,0,True);
+ outsize = set_message(inbuf,outbuf,11,0,True);
if(!fsp || (fsp->conn != conn)) {
END_PROFILE(SMBgetattrE);
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 7b5528222e..188b7bfb81 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -96,15 +96,18 @@ static void sessionsetup_start_signing_engine(const auth_serversupplied_info *se
Send a security blob via a session setup reply.
****************************************************************************/
-static BOOL reply_sesssetup_blob(connection_struct *conn, char *outbuf,
- DATA_BLOB blob, NTSTATUS nt_status)
+static BOOL reply_sesssetup_blob(connection_struct *conn,
+ const char *inbuf,
+ char *outbuf,
+ DATA_BLOB blob,
+ NTSTATUS nt_status)
{
char *p;
if (!NT_STATUS_IS_OK(nt_status) && !NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
ERROR_NT(nt_status_squash(nt_status));
} else {
- set_message(outbuf,4,0,True);
+ set_message(inbuf,outbuf,4,0,True);
nt_status = nt_status_squash(nt_status);
SIVAL(outbuf, smb_rcls, NT_STATUS_V(nt_status));
@@ -118,7 +121,7 @@ static BOOL reply_sesssetup_blob(connection_struct *conn, char *outbuf,
p += add_signature( outbuf, p );
- set_message_end(outbuf,p);
+ set_message_end(inbuf,outbuf,p);
}
show_msg(outbuf);
@@ -292,7 +295,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
}
ap_rep_wrapped = spnego_gen_krb5_wrap(ap_rep, TOK_ID_KRB_ERROR);
response = spnego_gen_auth_response(&ap_rep_wrapped, ret, OID_KERBEROS5_OLD);
- reply_sesssetup_blob(conn, outbuf, response, NT_STATUS_MORE_PROCESSING_REQUIRED);
+ reply_sesssetup_blob(conn, inbuf, outbuf, response, NT_STATUS_MORE_PROCESSING_REQUIRED);
/*
* In this one case we don't invalidate the intermediate vuid.
@@ -520,7 +523,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
/* current_user_info is changed on new vuid */
reload_services( True );
- set_message(outbuf,4,0,True);
+ set_message(inbuf,outbuf,4,0,True);
SSVAL(outbuf, smb_vwv3, 0);
if (server_info->guest) {
@@ -539,7 +542,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
ap_rep_wrapped = data_blob(NULL, 0);
}
response = spnego_gen_auth_response(&ap_rep_wrapped, ret, OID_KERBEROS5_OLD);
- reply_sesssetup_blob(conn, outbuf, response, ret);
+ reply_sesssetup_blob(conn, inbuf, outbuf, response, ret);
data_blob_free(&ap_rep);
data_blob_free(&ap_rep_wrapped);
@@ -593,7 +596,7 @@ static BOOL reply_spnego_ntlmssp(connection_struct *conn, char *inbuf, char *out
/* current_user_info is changed on new vuid */
reload_services( True );
- set_message(outbuf,4,0,True);
+ set_message(inbuf,outbuf,4,0,True);
SSVAL(outbuf, smb_vwv3, 0);
if (server_info->guest) {
@@ -612,7 +615,7 @@ static BOOL reply_spnego_ntlmssp(connection_struct *conn, char *inbuf, char *out
response = *ntlmssp_blob;
}
- ret = reply_sesssetup_blob(conn, outbuf, response, nt_status);
+ ret = reply_sesssetup_blob(conn, inbuf, outbuf, response, nt_status);
if (wrap) {
data_blob_free(&response);
}
@@ -1513,11 +1516,11 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
data_blob_clear_free(&plaintext_password);
/* it's ok - setup a reply */
- set_message(outbuf,3,0,True);
+ set_message(inbuf,outbuf,3,0,True);
if (Protocol >= PROTOCOL_NT1) {
char *p = smb_buf( outbuf );
p += add_signature( outbuf, p );
- set_message_end( outbuf, p );
+ set_message_end(inbuf, outbuf, p );
/* perhaps grab OS version here?? */
}
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 8f1226c666..12a9e19301 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -577,7 +577,8 @@ static struct ea_list *ea_list_union(struct ea_list *name_list, struct ea_list *
HACK ! Always assumes smb_setup field is zero.
****************************************************************************/
-int send_trans2_replies(char *outbuf,
+int send_trans2_replies(const char *inbuf,
+ char *outbuf,
int bufsize,
const char *params,
int paramsize,
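Review bot: The header comment above send_trans2_replies still says only "HACK ! Always assumes smb_setup field is zero." and does not mention the new leading `const char *inbuf` parameter, although this changes the signature of a non-static function. In the hunks shown, inbuf is forwarded to set_message, so one added line in that comment would do, for example `inbuf is the request being answered; it is passed through to set_message().` Because inbuf and outbuf are adjacent pointer parameters, stating which is read and which is written also helps callers avoid swapping them. The rest of the parameter list and the body lie outside this hunk.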
@@ -602,7 +603,7 @@ int send_trans2_replies(char *outbuf,
/* Initially set the wcnt area to be 10 - this is true for all trans2 replies */
- set_message(outbuf,10,0,True);
+ set_message(inbuf,outbuf,10,0,True);
/* Modify the data_to_send and datasize and set the error if
we're trying to send more than max_data_bytes. We still send
@@ -657,7 +658,7 @@ int send_trans2_replies(char *outbuf,
total_sent_thistime = MIN(total_sent_thistime, useable_space+ alignment_offset + data_alignment_offset);
- set_message(outbuf, 10, total_sent_thistime, True);
+ set_message(inbuf, outbuf, 10, total_sent_thistime, True);
/* Set total params and data to be sent */
SSVAL(outbuf,smb_tprcnt,paramsize);
@@ -950,7 +951,7 @@ static int call_trans2open(connection_struct *conn, char *inbuf, char *outbuf, i
}
/* Send the required number of replies */
- send_trans2_replies(outbuf, bufsize, params, 30, *ppdata, 0, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, params, 30, *ppdata, 0, max_data_bytes);
return -1;
}
@@ -1929,7 +1930,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd
SSVAL(params,6,0); /* Never an EA error */
SSVAL(params,8,last_entry_off);
- send_trans2_replies( outbuf, bufsize, params, 10, pdata, PTR_DIFF(p,pdata), max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, params, 10, pdata, PTR_DIFF(p,pdata), max_data_bytes);
if ((! *directory) && dptr_path(dptr_num))
slprintf(directory,sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
@@ -2222,7 +2223,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd
SSVAL(params,4,0); /* Never an EA error */
SSVAL(params,6,last_entry_off);
- send_trans2_replies( outbuf, bufsize, params, 8, pdata, PTR_DIFF(p,pdata), max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, params, 8, pdata, PTR_DIFF(p,pdata), max_data_bytes);
if ((! *directory) && dptr_path(dptr_num))
slprintf(directory,sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
@@ -2703,7 +2704,7 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned
}
- send_trans2_replies( outbuf, bufsize, params, 0, pdata, data_len, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, params, 0, pdata, data_len, max_data_bytes);
DEBUG( 4, ( "%s info_level = %d\n", smb_fn_name(CVAL(inbuf,smb_com)), info_level) );
@@ -2804,7 +2805,7 @@ cap_low = 0x%x, cap_high = 0x%x\n",
return ERROR_NT(status);
}
- send_trans2_replies(outbuf, bufsize, *pparams, param_len, *ppdata, data_len, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, *pparams, param_len, *ppdata, data_len, max_data_bytes);
if (NT_STATUS_IS_OK(status)) {
/* Server-side transport encryption is now *on*. */
@@ -2899,7 +2900,7 @@ cap_low = 0x%x, cap_high = 0x%x\n",
* like windows do...
* --metze
*/
- outsize = set_message(outbuf,10,0,True);
+ outsize = set_message(inbuf, outbuf,10,0,True);
return outsize;
}
@@ -4018,7 +4019,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd
return ERROR_NT(NT_STATUS_INVALID_LEVEL);
}
- send_trans2_replies(outbuf, bufsize, params, param_size, *ppdata, data_size, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, params, param_size, *ppdata, data_size, max_data_bytes);
return(-1);
}
@@ -5692,7 +5693,7 @@ static int call_trans2setfilepathinfo(connection_struct *conn, char *inbuf, char
DEBUG(3,("call_trans2setfilepathinfo: Cancelling print job (%s)\n", fsp->fsp_name ));
SSVAL(params,0,0);
- send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes);
return(-1);
} else
return (UNIXERROR(ERRDOS,ERRbadpath));
@@ -6023,7 +6024,7 @@ static int call_trans2setfilepathinfo(connection_struct *conn, char *inbuf, char
}
SSVAL(params,0,0);
- send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, data_return_size, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, params, 2, *ppdata, data_return_size, max_data_bytes);
return -1;
}
@@ -6122,7 +6123,7 @@ static int call_trans2mkdir(connection_struct *conn, char *inbuf, char *outbuf,
SSVAL(params,0,0);
- send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes);
return(-1);
}
@@ -6171,7 +6172,7 @@ static int call_trans2findnotifyfirst(connection_struct *conn, char *inbuf, char
if(fnf_handle == 0)
fnf_handle = 257;
- send_trans2_replies(outbuf, bufsize, params, 6, *ppdata, 0, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, params, 6, *ppdata, 0, max_data_bytes);
return(-1);
}
@@ -6199,7 +6200,7 @@ static int call_trans2findnotifynext(connection_struct *conn, char *inbuf, char
SSVAL(params,0,0); /* No changes */
SSVAL(params,2,0); /* No EA errors */
- send_trans2_replies(outbuf, bufsize, params, 4, *ppdata, 0, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf, bufsize, params, 4, *ppdata, 0, max_data_bytes);
return(-1);
}
@@ -6234,7 +6235,7 @@ static int call_trans2getdfsreferral(connection_struct *conn, char* inbuf, char*
return ERROR_NT(status);
SSVAL(outbuf,smb_flg2,SVAL(outbuf,smb_flg2) | FLAGS2_DFS_PATHNAMES);
- send_trans2_replies(outbuf,bufsize,0,0,*ppdata,reply_size, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf,bufsize,0,0,*ppdata,reply_size, max_data_bytes);
return(-1);
}
@@ -6272,7 +6273,7 @@ static int call_trans2ioctl(connection_struct *conn, char* inbuf, char* outbuf,
SSVAL(pdata,0,fsp->rap_print_jobid); /* Job number */
srvstr_push( outbuf, pdata + 2, global_myname(), 15, STR_ASCII|STR_TERMINATE); /* Our NetBIOS name */
srvstr_push( outbuf, pdata+18, lp_servicename(SNUM(conn)), 13, STR_ASCII|STR_TERMINATE); /* Service name */
- send_trans2_replies(outbuf,bufsize,*pparams,0,*ppdata,32, max_data_bytes);
+ send_trans2_replies(inbuf, outbuf,bufsize,*pparams,0,*ppdata,32, max_data_bytes);
return(-1);
} else {
DEBUG(2,("Unknown TRANS2_IOCTL\n"));
@@ -6295,7 +6296,7 @@ int reply_findclose(connection_struct *conn,
dptr_close(&dptr_num);
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf, outbuf,0,0,False);
DEBUG(3,("SMBfindclose dptr_num = %d\n", dptr_num));
@@ -6322,7 +6323,7 @@ int reply_findnclose(connection_struct *conn,
findnotifyfirst - so any dptr_num is ok here.
Just ignore it. */
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf, outbuf,0,0,False);
DEBUG(3,("SMB_findnclose dptr_num = %d\n", dptr_num));
@@ -6640,7 +6641,7 @@ int reply_trans2(connection_struct *conn, char *inbuf,char *outbuf,
/* We need to send an interim response then receive the rest
of the parameter/data bytes */
- outsize = set_message(outbuf,0,0,False);
+ outsize = set_message(inbuf, outbuf,0,0,False);
show_msg(outbuf);
END_PROFILE(SMBtrans2);
return outsize;