diff options
| author | Stefan Metzmacher <metze@samba.org> | 2008-08-19 16:34:50 +0200 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2008-08-21 08:46:02 +0200 |
| commit | ebd1f8f9297b31353d094ddccc320a83f02877ce (patch) | |
| tree | c2bb1bce82b8d65e090360563cdc897669ddb35b | |
| parent | 64ebfe4b2e5b7e3e07a0af424b35000693148e48 (diff) | |
| download | samba-ebd1f8f9297b31353d094ddccc320a83f02877ce.tar.gz samba-ebd1f8f9297b31353d094ddccc320a83f02877ce.tar.xz samba-ebd1f8f9297b31353d094ddccc320a83f02877ce.zip | |
smbd: fix the handling of create_options to pass RAW-OPEN
Some of the bits generate INVALID_PARAMETER and some bits
are ignored when they come from a client, that's why we need
to use bits from the ignored range for our internal usage.
metze
(cherry picked from commit 7b4c8a4e39f310eb450918fa841b0ea1b4af19f7)
(cherry picked from commit 3366ac2857820d87fb36a1357786a3564d258da5)
| -rw-r--r-- | source/include/smb.h | 15 | ||||
| -rw-r--r-- | source/smbd/nttrans.c | 12 | ||||
| -rw-r--r-- | source/smbd/open.c | 5 |
3 files changed, 28 insertions, 4 deletions
diff --git a/source/include/smb.h b/source/include/smb.h index cef6819979a..3c7058fc29d 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -1377,12 +1377,19 @@ struct bitmap { #define FILE_DELETE_ON_CLOSE 0x1000 #define FILE_OPEN_BY_FILE_ID 0x2000 -/* Private create options used by the ntcreatex processing code. From Samba4. */ -#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS 0x01000000 -#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB 0x02000000 +#define NTCREATEX_OPTIONS_MUST_IGNORE_MASK (0x008F0480) + +#define NTCREATEX_OPTIONS_INVALID_PARAM_MASK (0xFF100030) + +/* + * Private create options used by the ntcreatex processing code. From Samba4. + * We reuse some ignored flags for private use. + */ +#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS 0x00010000 +#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB 0x00020000 /* Private options for streams support */ -#define NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE 0x04000000 +#define NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE 0x00040000 /* Responses when opening a file. */ #define FILE_WAS_SUPERSEDED 0 diff --git a/source/smbd/nttrans.c b/source/smbd/nttrans.c index ae7bd8b7b72..0b48fa2c4d5 100644 --- a/source/smbd/nttrans.c +++ b/source/smbd/nttrans.c @@ -490,6 +490,12 @@ void reply_ntcreate_and_X(struct smb_request *req) fname)); /* + * we need to remove ignored bits when they come directly from the client + * because we reuse some of them for internal stuff + */ + create_options &= ~NTCREATEX_OPTIONS_MUST_IGNORE_MASK; + + /* * If it's an IPC, use the pipe handler. */ @@ -899,6 +905,12 @@ static void call_nt_transact_create(connection_struct *conn, allocation_size |= (((SMB_BIG_UINT)IVAL(params,16)) << 32); #endif + /* + * we need to remove ignored bits when they come directly from the client + * because we reuse some of them for internal stuff + */ + create_options &= ~NTCREATEX_OPTIONS_MUST_IGNORE_MASK; + /* Ensure the data_len is correct for the sd and ea values given. */ if ((ea_len + sd_len > data_count) || (ea_len > data_count) || (sd_len > data_count) diff --git a/source/smbd/open.c b/source/smbd/open.c index 2184e69d374..ea10cdc5799 100644 --- a/source/smbd/open.c +++ b/source/smbd/open.c @@ -2614,6 +2614,11 @@ NTSTATUS create_file_unixpath(connection_struct *conn, goto fail; } + if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + if (req == NULL) { oplock_request |= INTERNAL_OPEN_ONLY; } |