Hi Jeremy,

> - Log -----------------------------------------------------------------
> commit a94a4b788c3056068d0c8e42c55e990f418db666
> Author: Jeremy Allison <[email protected]>
> Date:   Mon Apr 26 20:11:59 2010 -0700
> 
>     Plumb in get_nt_acl into SMB2.
>     
>     Jeremy.

>               /* the levels directly map to the passthru levels */
>               file_info_level = in_file_info_class + 1000;
> @@ -392,7 +408,59 @@ static struct tevent_req 
> *smbd_smb2_getinfo_send(TALLOC_CTX *mem_ctx,
>               break;
>       }
>  
> +     case 0x03:/* SMB2_GETINFO_SEC */
> +     {
> +             uint8_t *p_marshalled_sd = NULL;
> +             size_t sd_size = 0;

I think we should check in_file_info_class for the correct value here
and maybe return an error instead of ignoring it.

> +             status = smbd_do_query_security_desc(conn,
> +                             state,
> +                             fsp,
> +                             /* Security info wanted. */
> +                             in_additional_information,
> +                             in_output_buffer_length,
> +                             &p_marshalled_sd,
> +                             &sd_size);
> +
> +             if (NT_STATUS_EQUAL(status, NT_STATUS_BUFFER_TOO_SMALL)) {
> +                     /* Return needed size. */
> +                     state->out_output_buffer = data_blob_talloc(state,
> +                                                                 NULL,
> +                                                                 4);
> +                     if (tevent_req_nomem(state->out_output_buffer.data, 
> req)) {
> +                             return tevent_req_post(req, ev);
> +                     }
> +                     
> SIVAL(state->out_output_buffer.data,0,(uint32_t)sd_size);
> +                     state->status = NT_STATUS_BUFFER_TOO_SMALL;
> +                     break;

don't we need to make sure that in_output_buffer_length is at least 4?

> +             }
> +             if (!NT_STATUS_IS_OK(status)) {
> +                     DEBUG(10,("smbd_smb2_getinfo_send: "
> +                              "smbd_do_query_security_desc of %s failed "
> +                              "(%s)\n", fsp_str_dbg(fsp),
> +                              nt_errstr(status)));
> +                     tevent_req_nterror(req, status);
> +                     return tevent_req_post(req, ev);
> +             }
> +
> +             if (sd_size > 0) {
> +                     state->out_output_buffer = data_blob_talloc(state,
> +                                                                 
> p_marshalled_sd,
> +                                                                 sd_size);
> +                     if (tevent_req_nomem(state->out_output_buffer.data, 
> req)) {
> +                             return tevent_req_post(req, ev);
> +                     }
> +             }

can't we use talloc_move here and avoid a memdup?

metze
