/*
test for buffer size handling
*/
static bool torture_smb2_buffercheck(struct smb2_tree *tree)
{
NTSTATUS status;
struct smb2_handle handle;
struct smb2_getinfo b;
printf("Testing buffer size handling\n");
status = smb2_util_roothandle(tree, &handle);
if (!NT_STATUS_IS_OK(status)) {
printf(__location__ " Unable to create root handle - %s\n", nt_errstr(status));
return false;
}
ZERO_STRUCT(b);
b.in.info_type = SMB2_GETINFO_FS;
b.in.info_class = 1;
b.in.output_buffer_length = 0x1;
b.in.input_buffer_length = 0;
b.in.file.handle = handle;
status = smb2_getinfo(tree, tree, &b);
if (!NT_STATUS_EQUAL(status, NT_STATUS_INFO_LENGTH_MISMATCH)) {
printf(__location__ " Wrong error code for small buffer %s\n",
nt_errstr(status));
return false;
}
return true;
}
/*
test fsinfo levels
*/
static bool torture_smb2_fsinfo(struct smb2_tree *tree)
{
int i;
NTSTATUS status;
struct smb2_handle handle;
printf("Testing fsinfo levels\n");
status = smb2_util_roothandle(tree, &handle);
if (!NT_STATUS_IS_OK(status)) {
printf(__location__ " Unable to create root handle - %s\n", nt_errstr(status));
return false;
}
for (i=0;i<ARRAY_SIZE(fs_levels);i++) {
fs_levels[i].info.generic.level = fs_levels[i].level;
fs_levels[i].info.generic.handle = handle;
fs_levels[i].status = smb2_getinfo_fs(tree, tree, &fs_levels[i].info);
if (!NT_STATUS_IS_OK(fs_levels[i].status)) {
printf("%s failed - %s\n", fs_levels[i].name, nt_errstr(fs_levels[i].status));
return false;
}
}
return true;
}
static BOOL test_valid_request(TALLOC_CTX *mem_ctx, struct smb2_tree *tree)
{
BOOL ret = True;
NTSTATUS status;
struct smb2_handle dh;
struct smb2_notify n;
struct smb2_request *req;
status = smb2_util_roothandle(tree, &dh);
CHECK_STATUS(status, NT_STATUS_OK);
n.in.recursive = 0x0000;
n.in.buffer_size = 0x00080000;
n.in.file.handle = dh;
n.in.completion_filter = 0x00000FFF;
n.in.unknown = 0x00000000;
req = smb2_notify_send(tree, &n);
while (!req->cancel.can_cancel && req->state <= SMB2_REQUEST_RECV) {
if (event_loop_once(req->transport->socket->event.ctx) != 0) {
break;
}
}
status = torture_setup_complex_file(tree, FNAME);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_notify_recv(req, mem_ctx, &n);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(n.out.num_changes, 1);
CHECK_VALUE(n.out.changes[0].action, NOTIFY_ACTION_REMOVED);
CHECK_WIRE_STR(n.out.changes[0].name, FNAME);
/*
* if the change response doesn't fit in the buffer
* NOTIFY_ENUM_DIR is returned.
*/
n.in.buffer_size = 0x00000000;
req = smb2_notify_send(tree, &n);
while (!req->cancel.can_cancel && req->state <= SMB2_REQUEST_RECV) {
if (event_loop_once(req->transport->socket->event.ctx) != 0) {
break;
}
}
status = torture_setup_complex_file(tree, FNAME);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_notify_recv(req, mem_ctx, &n);
CHECK_STATUS(status, STATUS_NOTIFY_ENUM_DIR);
/*
* if the change response fits in the buffer we get
* NT_STATUS_OK again
*/
n.in.buffer_size = 0x00080000;
req = smb2_notify_send(tree, &n);
while (!req->cancel.can_cancel && req->state <= SMB2_REQUEST_RECV) {
if (event_loop_once(req->transport->socket->event.ctx) != 0) {
break;
}
}
status = torture_setup_complex_file(tree, FNAME);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_notify_recv(req, mem_ctx, &n);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(n.out.num_changes, 3);
CHECK_VALUE(n.out.changes[0].action, NOTIFY_ACTION_REMOVED);
CHECK_WIRE_STR(n.out.changes[0].name, FNAME);
CHECK_VALUE(n.out.changes[1].action, NOTIFY_ACTION_ADDED);
CHECK_WIRE_STR(n.out.changes[1].name, FNAME);
CHECK_VALUE(n.out.changes[2].action, NOTIFY_ACTION_MODIFIED);
CHECK_WIRE_STR(n.out.changes[2].name, FNAME);
/* if the first notify returns NOTIFY_ENUM_DIR, all do */
status = smb2_util_close(tree, dh);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_roothandle(tree, &dh);
CHECK_STATUS(status, NT_STATUS_OK);
n.in.recursive = 0x0000;
n.in.buffer_size = 0x00000001;
n.in.file.handle = dh;
n.in.completion_filter = 0x00000FFF;
n.in.unknown = 0x00000000;
req = smb2_notify_send(tree, &n);
while (!req->cancel.can_cancel && req->state <= SMB2_REQUEST_RECV) {
if (event_loop_once(req->transport->socket->event.ctx) != 0) {
break;
}
}
status = torture_setup_complex_file(tree, FNAME);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_notify_recv(req, mem_ctx, &n);
CHECK_STATUS(status, STATUS_NOTIFY_ENUM_DIR);
n.in.buffer_size = 0x00080000;
req = smb2_notify_send(tree, &n);
while (!req->cancel.can_cancel && req->state <= SMB2_REQUEST_RECV) {
if (event_loop_once(req->transport->socket->event.ctx) != 0) {
break;
}
}
status = torture_setup_complex_file(tree, FNAME);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_notify_recv(req, mem_ctx, &n);
CHECK_STATUS(status, STATUS_NOTIFY_ENUM_DIR);
/* if the buffer size is too large, we get invalid parameter */
n.in.recursive = 0x0000;
n.in.buffer_size = 0x00080001;
n.in.file.handle = dh;
n.in.completion_filter = 0x00000FFF;
n.in.unknown = 0x00000000;
req = smb2_notify_send(tree, &n);
status = smb2_notify_recv(req, mem_ctx, &n);
CHECK_STATUS(status, NT_STATUS_INVALID_PARAMETER);
done:
return ret;
}
