summaryrefslogtreecommitdiff
path: root/source4/ntvfs
diff options
context:
space:
mode:
Diffstat (limited to 'source4/ntvfs')
-rw-r--r--source4/ntvfs/ntvfs_generic.c18
-rw-r--r--source4/ntvfs/posix/pvfs_flush.c1
-rw-r--r--source4/ntvfs/posix/pvfs_open.c38
-rw-r--r--source4/ntvfs/posix/pvfs_streams.c13
4 files changed, 53 insertions, 17 deletions
diff --git a/source4/ntvfs/ntvfs_generic.c b/source4/ntvfs/ntvfs_generic.c
index 62a1427405..9b4f235cde 100644
--- a/source4/ntvfs/ntvfs_generic.c
+++ b/source4/ntvfs/ntvfs_generic.c
@@ -522,6 +522,12 @@ NTSTATUS ntvfs_map_open(struct ntvfs_module_context *ntvfs,
io2->generic.in.fname = io->smb2.in.fname;
io2->generic.in.sec_desc = NULL;
io2->generic.in.ea_list = NULL;
+
+ /* we use a couple of bits of the create options internally */
+ if (io2->generic.in.create_options & NTCREATEX_OPTIONS_PRIVATE_MASK) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
status = ntvfs->ops->open(ntvfs, req, io2);
break;
@@ -1031,6 +1037,9 @@ NTSTATUS ntvfs_map_lock(struct ntvfs_module_context *ntvfs,
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<lck->smb2.in.lock_count;i++) {
+ if (lck->smb2.in.locks[i].flags & ~SMB2_LOCK_FLAG_ALL_MASK) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
if (lck->smb2.in.locks[i].flags & SMB2_LOCK_FLAG_UNLOCK) {
int j = lck2->generic.in.ulock_cnt;
lck2->generic.in.ulock_cnt++;
@@ -1277,10 +1286,15 @@ static NTSTATUS ntvfs_map_read_finish(struct ntvfs_module_context *ntvfs,
rd->smb2.out.remaining = 0;
rd->smb2.out.reserved = 0;
if (NT_STATUS_IS_OK(status) &&
- rd->smb2.out.data.length == 0 &&
- rd->smb2.in.length != 0) {
+ rd->smb2.out.data.length == 0) {
status = NT_STATUS_END_OF_FILE;
}
+ /* SMB2 does honor the min_count field, SMB does not */
+ if (NT_STATUS_IS_OK(status) &&
+ rd->smb2.in.min_count > rd->smb2.out.data.length) {
+ rd->smb2.out.data.length = 0;
+ status = NT_STATUS_END_OF_FILE;
+ }
break;
default:
return NT_STATUS_INVALID_LEVEL;
diff --git a/source4/ntvfs/posix/pvfs_flush.c b/source4/ntvfs/posix/pvfs_flush.c
index 61e73cedba..6e09c1f34a 100644
--- a/source4/ntvfs/posix/pvfs_flush.c
+++ b/source4/ntvfs/posix/pvfs_flush.c
@@ -54,6 +54,7 @@ NTSTATUS pvfs_flush(struct ntvfs_module_context *ntvfs,
return NT_STATUS_INVALID_HANDLE;
}
pvfs_flush_file(pvfs, f);
+ io->smb2.out.reserved = 0;
return NT_STATUS_OK;
case RAW_FLUSH_ALL:
diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c
index 926c99d37e..59b42fe751 100644
--- a/source4/ntvfs/posix/pvfs_open.c
+++ b/source4/ntvfs/posix/pvfs_open.c
@@ -203,6 +203,13 @@ static NTSTATUS pvfs_open_directory(struct pvfs_state *pvfs,
return NT_STATUS_NOT_A_DIRECTORY;
}
+ /* found with gentest */
+ if (io->ntcreatex.in.access_mask == SEC_FLAG_MAXIMUM_ALLOWED &&
+ (io->ntcreatex.in.create_options & NTCREATEX_OPTIONS_DIRECTORY) &&
+ (io->ntcreatex.in.create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
switch (io->generic.in.open_disposition) {
case NTCREATEX_DISP_OPEN_IF:
break;
@@ -563,7 +570,7 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
(create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE)) {
return NT_STATUS_CANNOT_DELETE;
}
-
+
status = pvfs_access_check_create(pvfs, req, name, &access_mask);
NT_STATUS_NOT_OK_RETURN(status);
@@ -1121,6 +1128,25 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
return ntvfs_map_open(ntvfs, req, io);
}
+ create_options = io->generic.in.create_options;
+ share_access = io->generic.in.share_access;
+ access_mask = io->generic.in.access_mask;
+
+ if (share_access & ~NTCREATEX_SHARE_ACCESS_MASK) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ /* some create options are not supported */
+ if (create_options & NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK) {
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+
+ /* other create options are not allowed */
+ if ((create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) &&
+ !(access_mask & SEC_STD_DELETE)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
/* resolve the cifs name to a posix name */
status = pvfs_resolve_name(pvfs, req, io->ntcreatex.in.fname,
PVFS_RESOLVE_STREAMS, &name);
@@ -1152,16 +1178,6 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
open doesn't match */
io->generic.in.file_attr &= ~FILE_ATTRIBUTE_DIRECTORY;
- create_options = io->generic.in.create_options;
- share_access = io->generic.in.share_access;
- access_mask = io->generic.in.access_mask;
-
- /* certain create options are not allowed */
- if ((create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) &&
- !(access_mask & SEC_STD_DELETE)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
flags = 0;
switch (io->generic.in.open_disposition) {
diff --git a/source4/ntvfs/posix/pvfs_streams.c b/source4/ntvfs/posix/pvfs_streams.c
index 3cd9952fd5..30d7ce2477 100644
--- a/source4/ntvfs/posix/pvfs_streams.c
+++ b/source4/ntvfs/posix/pvfs_streams.c
@@ -276,9 +276,12 @@ ssize_t pvfs_stream_write(struct pvfs_state *pvfs,
if (count == 0) {
return 0;
}
- if (offset > XATTR_MAX_STREAM_SIZE) {
- errno = ENOSPC;
- return -1;
+
+ if (count+offset > XATTR_MAX_STREAM_SIZE) {
+ if (!pvfs->ea_db || count+offset > XATTR_MAX_STREAM_SIZE_TDB) {
+ errno = ENOSPC;
+ return -1;
+ }
}
/* we have to load the existing stream, then modify, then save */
@@ -332,7 +335,9 @@ NTSTATUS pvfs_stream_truncate(struct pvfs_state *pvfs,
DATA_BLOB blob;
if (length > XATTR_MAX_STREAM_SIZE) {
- return NT_STATUS_DISK_FULL;
+ if (!pvfs->ea_db || length > XATTR_MAX_STREAM_SIZE_TDB) {
+ return NT_STATUS_DISK_FULL;
+ }
}
/* we have to load the existing stream, then modify, then save */
generated by cgit (git 2.34.1) at 2025-01-20 11:39:17 +0000