From 53123996033594f68a3fc9037474aada3aef0750 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 27 Aug 2013 09:06:27 +0000 Subject: smbd: qfilepathinfo has fixed/variable buffers The error message will have to change depending whether the buffer is too small for the fixed or variable buffers Bug: https://bugzilla.samba.org/show_bug.cgi?id=10106 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- source3/smbd/globals.h | 1 + source3/smbd/smb2_getinfo.c | 2 ++ source3/smbd/trans2.c | 22 ++++++++++++++++++++++ 3 files changed, 25 insertions(+) (limited to 'source3') diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h index d618aeaff3..6ccb57ef73 100644 --- a/source3/smbd/globals.h +++ b/source3/smbd/globals.h @@ -138,6 +138,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, char *lock_data, uint16_t flags2, unsigned int max_data_bytes, + size_t *fixed_portion, char **ppdata, unsigned int *pdata_size); diff --git a/source3/smbd/smb2_getinfo.c b/source3/smbd/smb2_getinfo.c index 4420f94b17..0d75c36344 100644 --- a/source3/smbd/smb2_getinfo.c +++ b/source3/smbd/smb2_getinfo.c @@ -293,6 +293,7 @@ static struct tevent_req *smbd_smb2_getinfo_send(TALLOC_CTX *mem_ctx, struct ea_list *ea_list = NULL; int lock_data_count = 0; char *lock_data = NULL; + size_t fixed_portion; ZERO_STRUCT(write_time_ts); @@ -380,6 +381,7 @@ static struct tevent_req *smbd_smb2_getinfo_send(TALLOC_CTX *mem_ctx, lock_data, STR_UNICODE, in_output_buffer_length, + &fixed_portion, &data, &data_size); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index b6cb3cc349..1d55dbee74 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -4388,6 +4388,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, char *lock_data, uint16_t flags2, unsigned int max_data_bytes, + size_t *fixed_portion, char **ppdata, unsigned int *pdata_size) { @@ -4528,6 +4529,8 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, BasicFileInformationTest. -tpot */ file_index = get_FileIndex(conn, psbuf); + *fixed_portion = 0; + switch (info_level) { case SMB_INFO_STANDARD: DEBUG(10,("smbd_do_qfilepathinfo: SMB_INFO_STANDARD\n")); @@ -4674,6 +4677,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, DEBUG(5,("write: %s ", ctime(&mtime))); DEBUG(5,("change: %s ", ctime(&c_time))); DEBUG(5,("mode: %x\n", mode)); + *fixed_portion = data_size; break; case SMB_FILE_STANDARD_INFORMATION: @@ -4687,6 +4691,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, SCVAL(pdata,20,delete_pending?1:0); SCVAL(pdata,21,(mode&FILE_ATTRIBUTE_DIRECTORY)?1:0); SSVAL(pdata,22,0); /* Padding. */ + *fixed_portion = 24; break; case SMB_FILE_EA_INFORMATION: @@ -4696,6 +4701,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, estimate_ea_size(conn, fsp, smb_fname); DEBUG(10,("smbd_do_qfilepathinfo: SMB_FILE_EA_INFORMATION\n")); data_size = 4; + *fixed_portion = 4; SIVAL(pdata,0,ea_size); break; } @@ -4717,6 +4723,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, STR_UNICODE); data_size = 4 + len; SIVAL(pdata,0,len); + *fixed_portion = 8; break; } @@ -4780,6 +4787,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, SIVAL(pdata,0,len); pdata += 4 + len; data_size = PTR_DIFF(pdata,(*ppdata)); + *fixed_portion = 10; break; } @@ -4817,6 +4825,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, SIVAL(pdata,0,len); pdata += 4 + len; data_size = PTR_DIFF(pdata,(*ppdata)); + *fixed_portion = 104; break; } case SMB_FILE_INTERNAL_INFORMATION: @@ -4824,12 +4833,14 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, DEBUG(10,("smbd_do_qfilepathinfo: SMB_FILE_INTERNAL_INFORMATION\n")); SBVAL(pdata, 0, file_index); data_size = 8; + *fixed_portion = 8; break; case SMB_FILE_ACCESS_INFORMATION: DEBUG(10,("smbd_do_qfilepathinfo: SMB_FILE_ACCESS_INFORMATION\n")); SIVAL(pdata, 0, access_mask); data_size = 4; + *fixed_portion = 4; break; case SMB_FILE_NAME_INFORMATION: @@ -4847,24 +4858,28 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, DEBUG(10,("smbd_do_qfilepathinfo: SMB_FILE_DISPOSITION_INFORMATION\n")); data_size = 1; SCVAL(pdata,0,delete_pending); + *fixed_portion = 1; break; case SMB_FILE_POSITION_INFORMATION: DEBUG(10,("smbd_do_qfilepathinfo: SMB_FILE_POSITION_INFORMATION\n")); data_size = 8; SOFF_T(pdata,0,pos); + *fixed_portion = 8; break; case SMB_FILE_MODE_INFORMATION: DEBUG(10,("smbd_do_qfilepathinfo: SMB_FILE_MODE_INFORMATION\n")); SIVAL(pdata,0,mode); data_size = 4; + *fixed_portion = 4; break; case SMB_FILE_ALIGNMENT_INFORMATION: DEBUG(10,("smbd_do_qfilepathinfo: SMB_FILE_ALIGNMENT_INFORMATION\n")); SIVAL(pdata,0,0); /* No alignment needed. */ data_size = 4; + *fixed_portion = 4; break; /* @@ -4909,6 +4924,8 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, TALLOC_FREE(streams); + *fixed_portion = 32; + break; } case SMB_QUERY_COMPRESSION_INFO: @@ -4918,6 +4935,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, SIVAL(pdata,8,0); /* ??? */ SIVAL(pdata,12,0); /* ??? */ data_size = 16; + *fixed_portion = 16; break; case SMB_FILE_NETWORK_OPEN_INFORMATION: @@ -4931,6 +4949,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, SIVAL(pdata,48,mode); SIVAL(pdata,52,0); /* ??? */ data_size = 56; + *fixed_portion = 56; break; case SMB_FILE_ATTRIBUTE_TAG_INFORMATION: @@ -4938,6 +4957,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, SIVAL(pdata,0,mode); SIVAL(pdata,4,0); data_size = 8; + *fixed_portion = 8; break; /* @@ -5211,6 +5231,7 @@ static void call_trans2qfilepathinfo(connection_struct *conn, struct ea_list *ea_list = NULL; int lock_data_count = 0; char *lock_data = NULL; + size_t fixed_portion; NTSTATUS status = NT_STATUS_OK; if (!params) { @@ -5570,6 +5591,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd ea_list, lock_data_count, lock_data, req->flags2, max_data_bytes, + &fixed_portion, ppdata, &data_size); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); -- cgit