summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/process.c2
-rw-r--r--source3/smbd/reply.c35
2 files changed, 25 insertions, 12 deletions
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index e0da594450..64e41ff155 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -703,7 +703,7 @@ static const struct smb_message_struct {
/* 0x0a */ { "SMBread",NULL,reply_read,AS_USER},
/* 0x0b */ { "SMBwrite",NULL,reply_write,AS_USER | CAN_IPC },
/* 0x0c */ { "SMBlock",NULL,reply_lock,AS_USER},
-/* 0x0d */ { "SMBunlock",reply_unlock,NULL,AS_USER},
+/* 0x0d */ { "SMBunlock",NULL,reply_unlock,AS_USER},
/* 0x0e */ { "SMBctemp",NULL,reply_ctemp,AS_USER },
/* 0x0f */ { "SMBmknew",NULL,reply_mknew,AS_USER},
/* 0x10 */ { "SMBcheckpath",NULL,reply_checkpath,AS_USER},
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 00b3e514c6..e16d8d4f6b 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -4033,37 +4033,50 @@ void reply_lock(connection_struct *conn, struct smb_request *req)
Reply to a unlock.
****************************************************************************/
-int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
- int dum_buffsize)
+void reply_unlock(connection_struct *conn, struct smb_request *req)
{
- int outsize = set_message(inbuf,outbuf,0,0,False);
SMB_BIG_UINT count,offset;
NTSTATUS status;
- files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
+ files_struct *fsp;
+
START_PROFILE(SMBunlock);
- CHECK_FSP(fsp,conn);
+ if (req->wct < 5) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ END_PROFILE(SMBunlock);
+ return;
+ }
+
+ fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
+
+ if (!check_fsp(conn, req, fsp, &current_user)) {
+ END_PROFILE(SMBunlock);
+ return;
+ }
- count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
- offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
+ count = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv1);
+ offset = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv3);
status = do_unlock(smbd_messaging_context(),
fsp,
- (uint32)SVAL(inbuf,smb_pid),
+ req->smbpid,
count,
offset,
WINDOWS_LOCK);
if (NT_STATUS_V(status)) {
+ reply_nterror(req, status);
END_PROFILE(SMBunlock);
- return ERROR_NT(status);
+ return;
}
DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
-
+
+ reply_outbuf(req, 0, 0);
+
END_PROFILE(SMBunlock);
- return(outsize);
+ return;
}
#undef DBGC_CLASS