From 4b9bdee167987affbc2c4dbf381b0c61dfda3364 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 26 Oct 2011 12:08:51 -0700
Subject: Add early return on stat open without O_CREAT if file doesn't exist.
 Reduces one level of indentation.

---
 source3/smbd/open.c | 145 +++++++++++++++++++++++++++-------------------------
 1 file changed, 74 insertions(+), 71 deletions(-)

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 1e21799868..6fb891830f 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -560,86 +560,89 @@ static NTSTATUS open_file(files_struct *fsp,
 		}
 
 	} else {
+		uint32_t access_granted = 0;
+
 		fsp->fh->fd = -1; /* What we used to call a stat open. */
-		if (file_existed) {
-			uint32_t access_granted = 0;
+		if (!file_existed) {
+			/* File must exist for a stat open. */
+			return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+		}
 
-			status = smbd_check_open_rights(conn,
-					smb_fname,
-					access_mask,
-					&access_granted);
-			if (!NT_STATUS_IS_OK(status)) {
-				if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
-					/*
-					 * On NT_STATUS_ACCESS_DENIED, access_granted
-					 * contains the denied bits.
-					 */
-
-					if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
-							(access_granted & FILE_WRITE_ATTRIBUTES) &&
-							(lp_map_readonly(SNUM(conn)) ||
-							 lp_map_archive(SNUM(conn)) ||
-							 lp_map_hidden(SNUM(conn)) ||
-							 lp_map_system(SNUM(conn)))) {
-						access_granted &= ~FILE_WRITE_ATTRIBUTES;
-
-						DEBUG(10,("open_file: "
-							  "overrode "
-							  "FILE_WRITE_"
-							  "ATTRIBUTES "
-							  "on file %s\n",
-							  smb_fname_str_dbg(
-								  smb_fname)));
-					}
+		status = smbd_check_open_rights(conn,
+				smb_fname,
+				access_mask,
+				&access_granted);
+		if (!NT_STATUS_IS_OK(status)) {
+			if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+				/*
+				 * On NT_STATUS_ACCESS_DENIED, access_granted
+				 * contains the denied bits.
+				 */
 
-					if ((access_mask & DELETE_ACCESS) &&
-					    (access_granted & DELETE_ACCESS) &&
-					    can_delete_file_in_directory(conn,
-						smb_fname)) {
-						/* Were we trying to do a stat open
-						 * for delete and didn't get DELETE
-						 * access (only) ? Check if the
-						 * directory allows DELETE_CHILD.
-						 * See here:
-						 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
-						 * for details. */
-
-						access_granted &= ~DELETE_ACCESS;
-
-						DEBUG(10,("open_file: "
-							  "overrode "
-							  "DELETE_ACCESS on "
-							  "file %s\n",
-							  smb_fname_str_dbg(
-								  smb_fname)));
-					}
+				if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
+						(access_granted & FILE_WRITE_ATTRIBUTES) &&
+						(lp_map_readonly(SNUM(conn)) ||
+						 lp_map_archive(SNUM(conn)) ||
+						 lp_map_hidden(SNUM(conn)) ||
+						 lp_map_system(SNUM(conn)))) {
+					access_granted &= ~FILE_WRITE_ATTRIBUTES;
 
-					if (access_granted != 0) {
-						DEBUG(10,("open_file: Access "
-							  "denied on file "
-							  "%s\n",
-							  smb_fname_str_dbg(
-								  smb_fname)));
-						return status;
-					}
-				} else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
-				    fsp->posix_open &&
-				    S_ISLNK(smb_fname->st.st_ex_mode)) {
-					/* This is a POSIX stat open for delete
-					 * or rename on a symlink that points
-					 * nowhere. Allow. */
-					DEBUG(10,("open_file: allowing POSIX "
-						  "open on bad symlink %s\n",
+					DEBUG(10,("open_file: "
+						  "overrode "
+						  "FILE_WRITE_"
+						  "ATTRIBUTES "
+						  "on file %s\n",
 						  smb_fname_str_dbg(
 							  smb_fname)));
-				} else {
+				}
+
+				if ((access_mask & DELETE_ACCESS) &&
+				    (access_granted & DELETE_ACCESS) &&
+				    can_delete_file_in_directory(conn,
+					smb_fname)) {
+					/* Were we trying to do a stat open
+					 * for delete and didn't get DELETE
+					 * access (only) ? Check if the
+					 * directory allows DELETE_CHILD.
+					 * See here:
+					 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
+					 * for details. */
+
+					access_granted &= ~DELETE_ACCESS;
+
 					DEBUG(10,("open_file: "
-						  "smbd_check_open_rights on file "
-						  "%s returned %s\n",
-						  smb_fname_str_dbg(smb_fname),
-						  nt_errstr(status) ));
+						  "overrode "
+						  "DELETE_ACCESS on "
+						  "file %s\n",
+						  smb_fname_str_dbg(
+							  smb_fname)));
+				}
+
+				if (access_granted != 0) {
+					DEBUG(10,("open_file: Access "
+						  "denied on file "
+						  "%s\n",
+						  smb_fname_str_dbg(
+							  smb_fname)));
 					return status;
 				}
+			} else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
+			    fsp->posix_open &&
+			    S_ISLNK(smb_fname->st.st_ex_mode)) {
+				/* This is a POSIX stat open for delete
+				 * or rename on a symlink that points
+				 * nowhere. Allow. */
+				DEBUG(10,("open_file: allowing POSIX "
+					  "open on bad symlink %s\n",
+					  smb_fname_str_dbg(
+						  smb_fname)));
+			} else {
+				DEBUG(10,("open_file: "
+					  "smbd_check_open_rights on file "
+					  "%s returned %s\n",
+					  smb_fname_str_dbg(smb_fname),
+					  nt_errstr(status) ));
+				return status;
 			}
 		}
 	}
-- 
cgit