diff options
Diffstat (limited to 'source4/librpc')
-rw-r--r-- | source4/librpc/idl/spoolss.idl | 158 | ||||
-rw-r--r-- | source4/librpc/ndr/ndr_spoolss_buf.c | 74 |
2 files changed, 133 insertions, 99 deletions
diff --git a/source4/librpc/idl/spoolss.idl b/source4/librpc/idl/spoolss.idl index 3a3921b261..2b557d25d2 100644 --- a/source4/librpc/idl/spoolss.idl +++ b/source4/librpc/idl/spoolss.idl @@ -254,8 +254,10 @@ [in] spoolss_EnumPrinterFlags flags, [in] unistr *server, [in] uint32 level, - [in,out] DATA_BLOB *buffer, - [in,out,ref] uint32 *buf_size, + [in] DATA_BLOB *buffer, + [in] uint32 offered, + [out] DATA_BLOB *info, + [out] uint32 needed, [out] uint32 count ); [public,noopnum,noprint] void __spoolss_EnumPrinters( @@ -268,11 +270,12 @@ [in] unistr *server, [in] uint32 level, [in] DATA_BLOB *buffer, + [in] uint32 offered, /* what we have here is a subcontext containing an array of no discriminant unions * and the array has no size in front */ [out,switch_is(level),size_is(count)] spoolss_PrinterInfo *info, - [in,out,ref] uint32 *buf_size, + [out] uint32 needed, [out] uint32 count ); @@ -342,23 +345,26 @@ /* Function: 0x03 */ WERROR spoolss_GetJob( [in,ref] policy_handle *handle, - [in] uint32 job_id, - [in] uint32 level, - [in] DATA_BLOB *buffer, + [in] uint32 job_id, + [in] uint32 level, + [in] DATA_BLOB *buffer, + [in] uint32 offered, [out,subcontext(4),switch_is(level)] spoolss_JobInfo *info, - [in,out,ref] uint32 *buf_size + [out] uint32 needed ); /******************/ /* Function: 0x04 */ [public,noopnum,noprint] WERROR _spoolss_EnumJobs( [in,ref] policy_handle *handle, - [in] uint32 firstjob, - [in] uint32 numjobs, - [in] uint32 level, - [in,out] DATA_BLOB *buffer, - [in,out,ref] uint32 *buf_size, - [out] uint32 count + [in] uint32 firstjob, + [in] uint32 numjobs, + [in] uint32 level, + [in] DATA_BLOB *buffer, + [in] uint32 offered, + [out] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 count ); [public,noopnum,noprint] void __spoolss_EnumJobs( [in] uint32 level, @@ -371,8 +377,9 @@ [in] uint32 numjobs, [in] uint32 level, [in] DATA_BLOB *buffer, + [in] uint32 offered, [out,switch_is(level),size_is(count)] spoolss_JobInfo *info, - [in,out,ref] uint32 *buf_size, + [out] uint32 needed, [out] uint32 count ); @@ -429,11 +436,12 @@ /******************/ /* Function: 0x08 */ WERROR spoolss_GetPrinter( - [in,ref] policy_handle *handle, - [in] uint32 level, - [in] DATA_BLOB *buffer, + [in,ref] policy_handle *handle, + [in] uint32 level, + [in] DATA_BLOB *buffer, + [in] uint32 offered, [out,subcontext(4),switch_is(level)] spoolss_PrinterInfo *info, - [in,out,ref] uint32 *buf_size + [out] uint32 needed ); /******************/ @@ -536,8 +544,10 @@ [in] unistr *server, [in] unistr *environment, [in] uint32 level, - [in,out] DATA_BLOB *buffer, - [in,out,ref] uint32 *buf_size, + [in] DATA_BLOB *buffer, + [in] uint32 offered, + [out] DATA_BLOB *info, + [out] uint32 needed, [out] uint32 count ); [public,noopnum,noprint] void __spoolss_EnumPrinterDrivers( @@ -550,8 +560,9 @@ [in] unistr *environment, [in] uint32 level, [in] DATA_BLOB *buffer, + [in] uint32 offered, [out,switch_is(level),size_is(count)] spoolss_DriverInfo *info, - [in,out,ref] uint32 *buf_size, + [out] uint32 needed, [out] uint32 count ); @@ -594,8 +605,10 @@ [in] unistr *servername, [in] unistr *environment, [in] uint32 level, - [in,out] DATA_BLOB *buffer, - [in,out,ref] uint32 *buf_size, + [in] DATA_BLOB *buffer, + [in] uint32 offered, + [out] DATA_BLOB *info, + [out] uint32 needed, [out] uint32 count ); [public,noopnum,noprint] void __spoolss_EnumPrintProcessors( @@ -608,8 +621,9 @@ [in] unistr *environment, [in] uint32 level, [in] DATA_BLOB *buffer, + [in] uint32 offered, [out,switch_is(level),size_is(count)] spoolss_PrintProcessorInfo *info, - [in,out,ref] uint32 *buf_size, + [out] uint32 needed, [out] uint32 count ); @@ -712,9 +726,10 @@ [noopnum,nopush,noprint,public] WERROR _spoolss_GetPrinterData( [in,ref] policy_handle *handle, [in] unistr value_name, + [in] uint32 offered, [out] spoolss_PrinterDataType type, [out] DATA_BLOB data, - [in,out,ref] uint32 *buf_size + [out] uint32 needed ); [noopnum,nopush,noprint,public] void __spoolss_GetPrinterData( [in] spoolss_PrinterDataType type, @@ -723,9 +738,10 @@ [nopull] WERROR spoolss_GetPrinterData( [in,ref] policy_handle *handle, [in] unistr value_name, + [in] uint32 offered, [out] spoolss_PrinterDataType type, [out,subcontext(4),switch_is(type)] spoolss_PrinterData data, - [in,out,ref] uint32 *buf_size + [out] uint32 needed ); /******************/ @@ -735,7 +751,7 @@ [in] unistr value_name, [in] spoolss_PrinterDataType type, [in] DATA_BLOB data, - [in] uint32 _buf_size + [in] uint32 _offered ); [noopnum,nopull,noprint,public] void __spoolss_SetPrinterData( [in] spoolss_PrinterDataType type, @@ -746,7 +762,7 @@ [in] unistr value_name, [in] spoolss_PrinterDataType type, [in,subcontext(4),switch_is(type)] spoolss_PrinterData data, - [in,value(ndr_size_spoolss_PrinterData(&data,type,flags))] uint32 _buf_size + [in,value(ndr_size_spoolss_PrinterData(&data,type,flags))] uint32 _offered ); /******************/ @@ -818,8 +834,9 @@ [in] unistr form_name, [in] uint32 level, [in] DATA_BLOB *buffer, + [in] uint32 offered, [out,subcontext(4),switch_is(level)] spoolss_FormInfo *info, - [in,out,ref] uint32 *buf_size + [out] uint32 needed ); typedef struct { @@ -851,10 +868,12 @@ /* Function: 0x22 */ [public,noopnum,noprint] WERROR _spoolss_EnumForms( [in,ref] policy_handle *handle, - [in] uint32 level, - [in,out] DATA_BLOB *buffer, - [in,out,ref] uint32 *buf_size, - [out] uint32 count + [in] uint32 level, + [in] DATA_BLOB *buffer, + [in] uint32 offered, + [out] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 count ); [public,noopnum,noprint] void __spoolss_EnumForms( [in] uint32 level, @@ -863,10 +882,11 @@ ); [nopull,nopush] WERROR spoolss_EnumForms( [in,ref] policy_handle *handle, - [in] uint32 level, - [in] DATA_BLOB *buffer, + [in] uint32 level, + [in] DATA_BLOB *buffer, + [in] uint32 offered, [out,switch_is(level),size_is(count)] spoolss_FormInfo *info, - [in,out,ref] uint32 *buf_size, + [out] uint32 needed, [out] uint32 count ); @@ -901,8 +921,10 @@ [public,noopnum,noprint] WERROR _spoolss_EnumPorts( [in] unistr *servername, [in] uint32 level, - [in,out] DATA_BLOB *buffer, - [in,out,ref] uint32 *buf_size, + [in] DATA_BLOB *buffer, + [in] uint32 offered, + [out] DATA_BLOB *info, + [out] uint32 needed, [out] uint32 count ); [public,noopnum,noprint] void __spoolss_EnumPorts( @@ -914,8 +936,9 @@ [in] unistr *servername, [in] uint32 level, [in] DATA_BLOB *buffer, + [in] uint32 offered, [out,switch_is(level),size_is(count)] spoolss_PortInfo *info, - [in,out,ref] uint32 *buf_size, + [out] uint32 needed, [out] uint32 count ); @@ -940,8 +963,10 @@ [public,noopnum,noprint] WERROR _spoolss_EnumMonitors( [in] unistr *servername, [in] uint32 level, - [in,out] DATA_BLOB *buffer, - [in,out,ref] uint32 *buf_size, + [in] DATA_BLOB *buffer, + [in] uint32 offered, + [out] DATA_BLOB *info, + [out] uint32 needed, [out] uint32 count ); [public,noopnum,noprint] void __spoolss_EnumMonitors( @@ -953,8 +978,9 @@ [in] unistr *servername, [in] uint32 level, [in] DATA_BLOB *buffer, + [in] uint32 offered, [out,switch_is(level),size_is(count)] spoolss_MonitorInfo *info, - [in,out,ref] uint32 *buf_size, + [out] uint32 needed, [out] uint32 count ); @@ -1047,14 +1073,16 @@ /* Function: 0x35 */ WERROR spoolss_GetPrinterDriver2( [in,ref] policy_handle *handle, - [in] unistr *architecture, - [in] uint32 level, - [in,out] DATA_BLOB *buffer, - [in,out,ref] uint32 *buf_size, - [in] uint32 client_major_version, - [in] uint32 client_minor_version, - [out] uint32 server_major_version, - [out] uint32 server_minor_version + [in] unistr *architecture, + [in] uint32 level, + [in] DATA_BLOB *buffer, + [in] uint32 offered, + [in] uint32 client_major_version, + [in] uint32 client_minor_version, + [out] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 server_major_version, + [out] uint32 server_minor_version ); /******************/ @@ -1236,32 +1264,34 @@ /* Function: 0x4d */ WERROR spoolss_SetPrinterDataEx( [in,ref] policy_handle *handle, - [in] unistr key_name, - [in] unistr value_name, - [in] uint32 type, - [in] DATA_BLOB buffer, - [in,out,ref] uint32 *buf_size + [in] unistr key_name, + [in] unistr value_name, + [in] uint32 type, + [in] DATA_BLOB buffer, + [in] uint32 offered ); /******************/ /* Function: 0x4e */ WERROR spoolss_GetPrinterDataEx( [in,ref] policy_handle *handle, - [in] unistr key_name, - [in] unistr value_name, - [out] uint32 type, - [out] DATA_BLOB buffer, - [in,out,ref] uint32 *buf_size + [in] unistr key_name, + [in] unistr value_name, + [in] uint32 offered, + [out] uint32 type, + [out] DATA_BLOB buffer, + [out] uint32 needed ); /******************/ /* Function: 0x4f */ WERROR spoolss_EnumPrinterDataEx( [in,ref] policy_handle *handle, - [in] unistr key_name, - [out] DATA_BLOB buffer, - [in,out] uint32 buf_size, - [out] uint32 count + [in] unistr key_name, + [in] uint32 offered, + [out] DATA_BLOB buffer, + [out] uint32 needed, + [out] uint32 count ); /******************/ diff --git a/source4/librpc/ndr/ndr_spoolss_buf.c b/source4/librpc/ndr/ndr_spoolss_buf.c index 6ecaa49fcf..621ddfd081 100644 --- a/source4/librpc/ndr/ndr_spoolss_buf.c +++ b/source4/librpc/ndr/ndr_spoolss_buf.c @@ -28,7 +28,7 @@ #define NDR_SPOOLSS_PUSH_ENUM_IN(fn) do { \ _r.in.level = r->in.level;\ _r.in.buffer = r->in.buffer;\ - _r.in.buf_size = r->in.buf_size;\ + _r.in.offered = r->in.offered;\ NDR_CHECK(ndr_push__##fn(ndr, flags, &_r));\ } while(0) @@ -36,9 +36,9 @@ struct ndr_push *_ndr_info;\ _r.in.level = r->in.level;\ _r.in.buffer = r->in.buffer;\ - _r.in.buf_size = r->in.buf_size;\ - _r.out.buffer = NULL;\ - _r.out.buf_size = r->out.buf_size;\ + _r.in.offered = r->in.offered;\ + _r.out.info = NULL;\ + _r.out.needed = r->out.needed;\ _r.out.count = r->out.count;\ _r.out.result = r->out.result;\ if (r->out.info) {\ @@ -51,12 +51,12 @@ __r.in.count = r->out.count;\ __r.out.info = r->out.info;\ NDR_CHECK(ndr_push___##fn(_ndr_info, flags, &__r)); \ - if (*r->in.buf_size > _ndr_info->offset) {\ - uint32_t _padding_len = *r->in.buf_size - _ndr_info->offset;\ + if (r->in.offered > _ndr_info->offset) {\ + uint32_t _padding_len = r->in.offered - _ndr_info->offset;\ NDR_CHECK(ndr_push_zero(_ndr_info, _padding_len));\ }\ _data_blob_info = ndr_push_blob(_ndr_info);\ - _r.out.buffer = &_data_blob_info;\ + _r.out.info = &_data_blob_info;\ }\ NDR_CHECK(ndr_push__##fn(ndr, flags, &_r));\ } while(0) @@ -78,36 +78,37 @@ NDR_CHECK(ndr_pull__##fn(ndr, flags, &_r));\ r->in.level = _r.in.level;\ r->in.buffer = _r.in.buffer;\ - r->in.buf_size = _r.in.buf_size;\ - r->out.buf_size = _r.out.buf_size;\ + r->in.offered = _r.in.offered;\ + r->out.needed = _r.out.needed;\ } while(0) #define NDR_SPOOLSS_PULL_ENUM_OUT(fn) do { \ - struct ndr_pull *_ndr_info;\ _r.in.level = r->in.level;\ _r.in.buffer = r->in.buffer;\ - _r.in.buf_size = r->in.buf_size;\ - _r.out.buf_size = r->out.buf_size;\ + _r.in.offered = r->in.offered;\ + _r.out.needed = r->out.needed;\ NDR_CHECK(ndr_pull__##fn(ndr, flags, &_r));\ r->out.info = NULL;\ - r->out.buf_size = _r.out.buf_size;\ + r->out.needed = _r.out.needed;\ r->out.count = _r.out.count;\ r->out.result = _r.out.result;\ - if (_r.out.buffer) {\ - struct __##fn __r;\ - _ndr_info = ndr_pull_init_blob(_r.out.buffer, ndr);\ + if (_r.out.info) {\ + struct ndr_pull *_ndr_info = ndr_pull_init_blob(_r.out.info, ndr);\ if (!_ndr_info) return NT_STATUS_NO_MEMORY;\ _ndr_info->flags= ndr->flags;\ - if (*r->out.buf_size != _ndr_info->data_size) {\ + if (r->in.offered != _ndr_info->data_size) {\ return ndr_pull_error(ndr, NDR_ERR_BUFSIZE,\ - "SPOOLSS Buffer: buf_size[%u] doesn't match length of buffer[%u]",\ - *r->out.buf_size, _ndr_info->data_size);\ + "SPOOLSS Buffer: offered[%u] doesn't match length of buffer[%u]",\ + r->in.offered, _ndr_info->data_size);\ + }\ + if (r->out.needed <= _ndr_info->data_size) {\ + struct __##fn __r;\ + __r.in.level = r->in.level;\ + __r.in.count = r->out.count;\ + __r.out.info = NULL;\ + NDR_CHECK(ndr_pull___##fn(_ndr_info, flags, &__r));\ + r->out.info = __r.out.info;\ }\ - __r.in.level = r->in.level;\ - __r.in.count = r->out.count;\ - __r.out.info = NULL;\ - NDR_CHECK(ndr_pull___##fn(_ndr_info, flags, &__r));\ - r->out.info = __r.out.info;\ }\ } while(0) @@ -372,30 +373,33 @@ NTSTATUS ndr_pull_spoolss_GetPrinterData(struct ndr_pull *ndr, int flags, struct _r.in.handle = r->in.handle; _r.in.value_name= r->in.value_name; - _r.in.buf_size = r->in.buf_size; + _r.in.offered = r->in.offered; _r.out.type = r->out.type; _r.out.data = data_blob(NULL,0), - _r.out.buf_size = r->out.buf_size; + _r.out.needed = r->out.needed; NDR_CHECK(ndr_pull__spoolss_GetPrinterData(ndr, flags, &_r)); r->in.handle = _r.in.handle; r->in.value_name= _r.in.value_name; - r->in.buf_size = _r.in.buf_size; - r->out.buf_size = _r.out.buf_size; + r->in.offered = _r.in.offered; + r->out.needed = _r.out.needed; } if (flags & NDR_OUT) { _r.in.handle = r->in.handle; _r.in.value_name= r->in.value_name; - _r.in.buf_size = r->in.buf_size; + _r.in.offered = r->in.offered; _r.out.type = r->out.type; _r.out.data = data_blob(NULL,0), - _r.out.buf_size = r->out.buf_size; + _r.out.needed = r->out.needed; _r.out.result = r->out.result; NDR_CHECK(ndr_pull__spoolss_GetPrinterData(ndr, flags, &_r)); r->out.type = _r.out.type; ZERO_STRUCT(r->out.data); - r->out.buf_size = _r.out.buf_size; + r->out.needed = _r.out.needed; r->out.result = _r.out.result; - if (_r.out.data.length > 0) { + if (_r.out.data.length != r->in.offered) { + /* TODO: ndr_pull_error(...) */ + } + if (_r.out.data.length > 0 && r->out.needed <= _r.out.data.length) { struct __spoolss_GetPrinterData __r; struct ndr_pull *_ndr_data = ndr_pull_init_blob(&_r.out.data, ndr); if (!_ndr_data) return NT_STATUS_NO_MEMORY; @@ -431,13 +435,13 @@ NTSTATUS ndr_push_spoolss_SetPrinterData(struct ndr_push *ndr, int flags, struct NDR_CHECK(ndr_push___spoolss_SetPrinterData(_ndr_data, NDR_OUT, &__r)); _data_blob_data = ndr_push_blob(_ndr_data); - r->in._buf_size = _data_blob_data.length; + r->in._offered = _data_blob_data.length; _r.in.handle = r->in.handle; _r.in.value_name= r->in.value_name; _r.in.type = r->in.type; _r.in.data = _data_blob_data; - _r.in._buf_size = r->in._buf_size; + _r.in._offered = r->in._offered; _r.out.result = r->out.result; NDR_CHECK(ndr_push__spoolss_SetPrinterData(ndr, flags, &_r)); } @@ -446,7 +450,7 @@ NTSTATUS ndr_push_spoolss_SetPrinterData(struct ndr_push *ndr, int flags, struct _r.in.value_name= r->in.value_name; _r.in.type = r->in.type; _r.in.data = data_blob(NULL,0), - _r.in._buf_size = r->in._buf_size; + _r.in._offered = r->in._offered; _r.out.result = r->out.result; NDR_CHECK(ndr_push__spoolss_SetPrinterData(ndr, flags, &_r)); } |