NTSTATUS smbd_smb2_request_process_getinfo(struct smbd_smb2_request *req)
{
const uint8_t *inhdr;
const uint8_t *inbody;
int i = req->current_idx;
size_t expected_body_size = 0x29;
size_t body_size;
uint8_t in_info_type;
uint8_t in_file_info_class;
uint32_t in_output_buffer_length;
uint16_t in_input_buffer_offset;
uint32_t in_input_buffer_length;
DATA_BLOB in_input_buffer;
uint32_t in_additional_information;
uint32_t in_flags;
uint64_t in_file_id_persistent;
uint64_t in_file_id_volatile;
struct tevent_req *subreq;
inhdr = (const uint8_t *)req->in.vector[i+0].iov_base;
if (req->in.vector[i+1].iov_len != (expected_body_size & 0xFFFFFFFE)) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
inbody = (const uint8_t *)req->in.vector[i+1].iov_base;
body_size = SVAL(inbody, 0x00);
if (body_size != expected_body_size) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
in_info_type = CVAL(inbody, 0x02);
in_file_info_class = CVAL(inbody, 0x03);
in_output_buffer_length = IVAL(inbody, 0x04);
in_input_buffer_offset = SVAL(inbody, 0x08);
/* 0x0A 2 bytes reserved */
in_input_buffer_length = IVAL(inbody, 0x0C);
in_additional_information = IVAL(inbody, 0x10);
in_flags = IVAL(inbody, 0x14);
in_file_id_persistent = BVAL(inbody, 0x18);
in_file_id_volatile = BVAL(inbody, 0x20);
if (in_input_buffer_offset == 0 && in_input_buffer_length == 0) {
/* This is ok */
} else if (in_input_buffer_offset !=
(SMB2_HDR_BODY + (body_size & 0xFFFFFFFE))) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
if (in_input_buffer_length > req->in.vector[i+2].iov_len) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
in_input_buffer.data = (uint8_t *)req->in.vector[i+2].iov_base;
in_input_buffer.length = in_input_buffer_length;
if (req->compat_chain_fsp) {
/* skip check */
} else if (in_file_id_persistent != 0) {
return smbd_smb2_request_error(req, NT_STATUS_FILE_CLOSED);
}
subreq = smbd_smb2_getinfo_send(req,
req->sconn->smb2.event_ctx,
req,
in_info_type,
in_file_info_class,
in_output_buffer_length,
in_input_buffer,
in_additional_information,
in_flags,
in_file_id_volatile);
if (subreq == NULL) {
return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
}
tevent_req_set_callback(subreq, smbd_smb2_request_getinfo_done, req);
return smbd_smb2_request_pending_queue(req, subreq);
}
NTSTATUS smbd_smb2_request_process_getinfo(struct smbd_smb2_request *req)
{
NTSTATUS status;
const uint8_t *inbody;
uint8_t in_info_type;
uint8_t in_file_info_class;
uint32_t in_output_buffer_length;
uint16_t in_input_buffer_offset;
uint32_t in_input_buffer_length;
DATA_BLOB in_input_buffer;
uint32_t in_additional_information;
uint32_t in_flags;
uint64_t in_file_id_persistent;
uint64_t in_file_id_volatile;
struct files_struct *in_fsp;
struct tevent_req *subreq;
status = smbd_smb2_request_verify_sizes(req, 0x29);
if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, status);
}
inbody = SMBD_SMB2_IN_BODY_PTR(req);
in_info_type = CVAL(inbody, 0x02);
in_file_info_class = CVAL(inbody, 0x03);
in_output_buffer_length = IVAL(inbody, 0x04);
in_input_buffer_offset = SVAL(inbody, 0x08);
/* 0x0A 2 bytes reserved */
in_input_buffer_length = IVAL(inbody, 0x0C);
in_additional_information = IVAL(inbody, 0x10);
in_flags = IVAL(inbody, 0x14);
in_file_id_persistent = BVAL(inbody, 0x18);
in_file_id_volatile = BVAL(inbody, 0x20);
if (in_input_buffer_offset == 0 && in_input_buffer_length == 0) {
/* This is ok */
} else if (in_input_buffer_offset !=
(SMB2_HDR_BODY + SMBD_SMB2_IN_BODY_LEN(req))) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
if (in_input_buffer_length > SMBD_SMB2_IN_DYN_LEN(req)) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
in_input_buffer.data = SMBD_SMB2_IN_DYN_PTR(req);
in_input_buffer.length = in_input_buffer_length;
if (in_input_buffer.length > req->sconn->smb2.max_trans) {
DEBUG(2,("smbd_smb2_request_process_getinfo: "
"client ignored max trans: %s: 0x%08X: 0x%08X\n",
__location__, (unsigned)in_input_buffer.length,
(unsigned)req->sconn->smb2.max_trans));
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
if (in_output_buffer_length > req->sconn->smb2.max_trans) {
DEBUG(2,("smbd_smb2_request_process_getinfo: "
"client ignored max trans: %s: 0x%08X: 0x%08X\n",
__location__, in_output_buffer_length,
req->sconn->smb2.max_trans));
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
status = smbd_smb2_request_verify_creditcharge(req,
MAX(in_input_buffer.length,in_output_buffer_length));
if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, status);
}
in_fsp = file_fsp_smb2(req, in_file_id_persistent, in_file_id_volatile);
if (in_fsp == NULL) {
return smbd_smb2_request_error(req, NT_STATUS_FILE_CLOSED);
}
subreq = smbd_smb2_getinfo_send(req, req->sconn->ev_ctx,
req, in_fsp,
in_info_type,
in_file_info_class,
in_output_buffer_length,
in_input_buffer,
in_additional_information,
in_flags);
if (subreq == NULL) {
return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
}
tevent_req_set_callback(subreq, smbd_smb2_request_getinfo_done, req);
return smbd_smb2_request_pending_queue(req, subreq, 500);
}
NTSTATUS smbd_smb2_request_process_getinfo(struct smbd_smb2_request *req)
{
NTSTATUS status;
const uint8_t *inbody;
int i = req->current_idx;
uint8_t in_info_type;
uint8_t in_file_info_class;
uint32_t in_output_buffer_length;
uint16_t in_input_buffer_offset;
uint32_t in_input_buffer_length;
DATA_BLOB in_input_buffer;
uint32_t in_additional_information;
uint32_t in_flags;
uint64_t in_file_id_persistent;
uint64_t in_file_id_volatile;
struct files_struct *in_fsp;
struct tevent_req *subreq;
status = smbd_smb2_request_verify_sizes(req, 0x29);
if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, status);
}
inbody = (const uint8_t *)req->in.vector[i+1].iov_base;
in_info_type = CVAL(inbody, 0x02);
in_file_info_class = CVAL(inbody, 0x03);
in_output_buffer_length = IVAL(inbody, 0x04);
in_input_buffer_offset = SVAL(inbody, 0x08);
/* 0x0A 2 bytes reserved */
in_input_buffer_length = IVAL(inbody, 0x0C);
in_additional_information = IVAL(inbody, 0x10);
in_flags = IVAL(inbody, 0x14);
in_file_id_persistent = BVAL(inbody, 0x18);
in_file_id_volatile = BVAL(inbody, 0x20);
if (in_input_buffer_offset == 0 && in_input_buffer_length == 0) {
/* This is ok */
} else if (in_input_buffer_offset !=
(SMB2_HDR_BODY + req->in.vector[i+1].iov_len)) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
if (in_input_buffer_length > req->in.vector[i+2].iov_len) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
in_input_buffer.data = (uint8_t *)req->in.vector[i+2].iov_base;
in_input_buffer.length = in_input_buffer_length;
if (in_input_buffer.length > req->sconn->smb2.max_trans) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
if (in_output_buffer_length > req->sconn->smb2.max_trans) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
in_fsp = file_fsp_smb2(req, in_file_id_persistent, in_file_id_volatile);
if (in_fsp == NULL) {
return smbd_smb2_request_error(req, NT_STATUS_FILE_CLOSED);
}
subreq = smbd_smb2_getinfo_send(req, req->sconn->smb2.event_ctx,
req, in_fsp,
in_info_type,
in_file_info_class,
in_output_buffer_length,
in_input_buffer,
in_additional_information,
in_flags);
if (subreq == NULL) {
return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
}
tevent_req_set_callback(subreq, smbd_smb2_request_getinfo_done, req);
return smbd_smb2_request_pending_queue(req, subreq);
}
