The branch, v3-2-test has been updated
via 3366ac2857820d87fb36a1357786a3564d258da5 (commit)
from 3d96409c115b3ad4ef29ff75e40b39a26e316afe (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit 3366ac2857820d87fb36a1357786a3564d258da5
Author: Stefan Metzmacher <[EMAIL PROTECTED]>
Date: Tue Aug 19 16:34:50 2008 +0200
smbd: fix the handling of create_options to pass RAW-OPEN
Some of the bits generate INVALID_PARAMETER and some bits
are ignored when they come from a client, that's why we need
to use bits from the ignored range for our internal usage.
metze
(cherry picked from commit 7b4c8a4e39f310eb450918fa841b0ea1b4af19f7)
-----------------------------------------------------------------------
Summary of changes:
source/include/smb.h | 15 +++++++++++----
source/smbd/nttrans.c | 12 ++++++++++++
source/smbd/open.c | 5 +++++
3 files changed, 28 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/include/smb.h b/source/include/smb.h
index cef6819..3c7058f 100644
--- a/source/include/smb.h
+++ b/source/include/smb.h
@@ -1377,12 +1377,19 @@ struct bitmap {
#define FILE_DELETE_ON_CLOSE 0x1000
#define FILE_OPEN_BY_FILE_ID 0x2000
-/* Private create options used by the ntcreatex processing code. From Samba4.
*/
-#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS 0x01000000
-#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB 0x02000000
+#define NTCREATEX_OPTIONS_MUST_IGNORE_MASK (0x008F0480)
+
+#define NTCREATEX_OPTIONS_INVALID_PARAM_MASK (0xFF100030)
+
+/*
+ * Private create options used by the ntcreatex processing code. From Samba4.
+ * We reuse some ignored flags for private use.
+ */
+#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS 0x00010000
+#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB 0x00020000
/* Private options for streams support */
-#define NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE 0x04000000
+#define NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE 0x00040000
/* Responses when opening a file. */
#define FILE_WAS_SUPERSEDED 0
diff --git a/source/smbd/nttrans.c b/source/smbd/nttrans.c
index ae7bd8b..0b48fa2 100644
--- a/source/smbd/nttrans.c
+++ b/source/smbd/nttrans.c
@@ -490,6 +490,12 @@ void reply_ntcreate_and_X(struct smb_request *req)
fname));
/*
+ * we need to remove ignored bits when they come directly from the
client
+ * because we reuse some of them for internal stuff
+ */
+ create_options &= ~NTCREATEX_OPTIONS_MUST_IGNORE_MASK;
+
+ /*
* If it's an IPC, use the pipe handler.
*/
@@ -899,6 +905,12 @@ static void call_nt_transact_create(connection_struct
*conn,
allocation_size |= (((SMB_BIG_UINT)IVAL(params,16)) << 32);
#endif
+ /*
+ * we need to remove ignored bits when they come directly from the
client
+ * because we reuse some of them for internal stuff
+ */
+ create_options &= ~NTCREATEX_OPTIONS_MUST_IGNORE_MASK;
+
/* Ensure the data_len is correct for the sd and ea values given. */
if ((ea_len + sd_len > data_count)
|| (ea_len > data_count) || (sd_len > data_count)
diff --git a/source/smbd/open.c b/source/smbd/open.c
index 2184e69..ea10cdc 100644
--- a/source/smbd/open.c
+++ b/source/smbd/open.c
@@ -2614,6 +2614,11 @@ NTSTATUS create_file_unixpath(connection_struct *conn,
goto fail;
}
+ if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto fail;
+ }
+
if (req == NULL) {
oplock_request |= INTERNAL_OPEN_ONLY;
}
--
Samba Shared Repository
