From eb8dd6a81181c3dab9cbe6b934ceb4f3ba1ba2af Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 19 Aug 2008 16:34:50 +0200 Subject: smbd: fix the handling of create_options to pass RAW-OPEN Some of the bits generate INVALID_PARAMETER and some bits are ignored when they come from a client, that's why we need to use bits from the ignored range for our internal usage. metze (This used to be commit 7b4c8a4e39f310eb450918fa841b0ea1b4af19f7) --- source3/smbd/nttrans.c | 12 ++++++++++++ source3/smbd/open.c | 5 +++++ 2 files changed, 17 insertions(+) (limited to 'source3/smbd') diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 149e6ecbd9..b6951272d7 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -454,6 +454,12 @@ void reply_ntcreate_and_X(struct smb_request *req) (unsigned int)root_dir_fid, fname)); + /* + * we need to remove ignored bits when they come directly from the client + * because we reuse some of them for internal stuff + */ + create_options &= ~NTCREATEX_OPTIONS_MUST_IGNORE_MASK; + /* * If it's an IPC, use the pipe handler. */ @@ -858,6 +864,12 @@ static void call_nt_transact_create(connection_struct *conn, allocation_size |= (((SMB_BIG_UINT)IVAL(params,16)) << 32); #endif + /* + * we need to remove ignored bits when they come directly from the client + * because we reuse some of them for internal stuff + */ + create_options &= ~NTCREATEX_OPTIONS_MUST_IGNORE_MASK; + /* Ensure the data_len is correct for the sd and ea values given. */ if ((ea_len + sd_len > data_count) || (ea_len > data_count) || (sd_len > data_count) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 03efd09f06..8b32907a4b 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2560,6 +2560,11 @@ NTSTATUS create_file_unixpath(connection_struct *conn, goto fail; } + if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + if (req == NULL) { oplock_request |= INTERNAL_OPEN_ONLY; } -- cgit