From 5a7224b1429e95677a7fe3efb1b2e097ce61bf54 Mon Sep 17 00:00:00 2001
From: David Disseldorp <ddiss@samba.org>
Date: Wed, 27 Aug 2014 15:42:00 +0200
Subject: [PATCH] dosmode: fix FSCTL_SET_SPARSE request validation

Check that FSCTL_SET_SPARSE requests does not refer to directories. Also
reject such requests when issued over IPC or printer share connections.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10787

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 28 04:22:37 CEST 2014 on sn-devel-104

(cherry picked from commit 0751495b1327d002b79482632b7c590cae6e3f9d)
---
 source3/smbd/dosmode.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c
index f369b32..1a930de 100644
--- a/source3/smbd/dosmode.c
+++ b/source3/smbd/dosmode.c
@@ -941,6 +941,19 @@ NTSTATUS file_set_sparse(connection_struct *conn,
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
+	if (fsp->is_directory) {
+		DEBUG(9, ("invalid attempt to %s sparse flag on dir %s\n",
+			  (sparse ? "set" : "clear"),
+			  smb_fname_str_dbg(fsp->fsp_name)));
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
+	if (IS_IPC(conn) || IS_PRINT(conn)) {
+		DEBUG(9, ("attempt to %s sparse flag over invalid conn\n",
+			  (sparse ? "set" : "clear")));
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
 	DEBUG(10,("file_set_sparse: setting sparse bit %u on file %s\n",
 		  sparse, smb_fname_str_dbg(fsp->fsp_name)));
 
-- 
1.8.4.5