From 2ad2bdda89c07c0b8ce754c3b0cd4664eefc697d Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Mon, 26 May 2008 15:02:43 +1000
Subject: stricter checks for valid inputs in SMB2 open and lock (This used to
 be commit a7b5689a73adde59de28770aa3949660441291ea)

---
 source4/smb_server/smb/reply.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'source4/smb_server/smb/reply.c')

diff --git a/source4/smb_server/smb/reply.c b/source4/smb_server/smb/reply.c
index 40cad91062..d28f4b6072 100644
--- a/source4/smb_server/smb/reply.c
+++ b/source4/smb_server/smb/reply.c
@@ -2193,6 +2193,11 @@ void smbsrv_reply_ntcreate_and_X(struct smbsrv_request *req)
 	io->ntcreatex.in.ea_list          = NULL;
 	io->ntcreatex.in.sec_desc         = NULL;
 
+	/* we use a couple of bits of the create options internally */
+	if (io->ntcreatex.in.create_options & NTCREATEX_OPTIONS_PRIVATE_MASK) {
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
 	/* we need a neater way to handle this alignment */
 	if ((req->flags2 & FLAGS2_UNICODE_STRINGS) && 
 	    ucs2_align(req->in.buffer, req->in.data, STR_TERMINATE|STR_UNICODE)) {
-- 
cgit