The Samba-Bugzilla – Attachment 7817 Details for
Bug 9058
Files not deleted, smbstatus shows "Segmentation fault"
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am version of Volker's fix with metze's additional change.
look (text/plain), 8.63 KB, created by
Jeremy Allison
on 2012-08-23 16:47:23 UTC
(
hide
)
Description:
git-am version of Volker's fix with metze's additional change.
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2012-08-23 16:47:23 UTC
Size:
8.63 KB
patch
obsolete
>From 71e8bf9f9f522c5f329c586b0303bfa1c5002a83 Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Thu, 23 Aug 2012 09:45:53 -0700 >Subject: [PATCH 1/2] Backport FSCTL codes from master > >--- > source3/include/ntioctl.h | 80 ++++++++++++++++++++++++++++++++++++-------- > 1 files changed, 65 insertions(+), 15 deletions(-) > >diff --git a/source3/include/ntioctl.h b/source3/include/ntioctl.h >index 18707c5..925a06f 100644 >--- a/source3/include/ntioctl.h >+++ b/source3/include/ntioctl.h >@@ -31,34 +31,84 @@ > /* Some of the following such as the encryption/compression ones would be */ > /* invoked from tools via a specialized hook into the VFS rather than via the */ > /* standard vfs entry points */ >-#define FSCTL_REQUEST_OPLOCK_LEVEL_1 0x00090000 >-#define FSCTL_REQUEST_OPLOCK_LEVEL_2 0x00090004 >-#define FSCTL_REQUEST_BATCH_OPLOCK 0x00090008 > #define FSCTL_LOCK_VOLUME 0x00090018 > #define FSCTL_UNLOCK_VOLUME 0x0009001C > #define FSCTL_GET_COMPRESSION 0x0009003C > #define FSCTL_SET_COMPRESSION 0x0009C040 >-#define FSCTL_IS_VOLUME_DIRTY 0x00090078 > #define FSCTL_REQUEST_FILTER_OPLOCK 0x0009008C >-#define FSCTL_FIND_FILES_BY_SID 0x0009008F >-#define FSCTL_FILESYS_GET_STATISTICS 0x00090090 >-#define FSCTL_SET_OBJECT_ID 0x00090098 >-#define FSCTL_GET_OBJECT_ID 0x0009009C >-#define FSCTL_SET_REPARSE_POINT 0x000900A4 >-#define FSCTL_GET_REPARSE_POINT 0x000900A8 >-#define FSCTL_DELETE_REPARSE_POINT 0x000900AC >-#define FSCTL_CREATE_OR_GET_OBJECT_ID 0x000900C0 >-#define FSCTL_SET_SPARSE 0x000900C4 > #define FSCTL_SET_ZERO_DATA 0x000900C8 > #define FSCTL_SET_ENCRYPTION 0x000900D7 > #define FSCTL_ENCRYPTION_FSCTL_IO 0x000900DB > #define FSCTL_WRITE_RAW_ENCRYPTED 0x000900DF > #define FSCTL_READ_RAW_ENCRYPTED 0x000900E3 > #define FSCTL_SIS_COPYFILE 0x00090100 >-#define FSCTL_QUERY_ALLOCATED_RANGES 0x000940CF > #define FSCTL_SIS_LINK_FILES 0x0009C104 > >-#define FSCTL_GET_SHADOW_COPY_DATA 0x00144064 /* KJC -- Shadow Copy information */ >+/* filesystem control codes */ >+#define FSCTL_METHOD_BUFFERED 0x00000000 >+#define FSCTL_METHOD_IN_DIRECT 0x00000001 >+#define FSCTL_METHOD_OUT_DIRECT 0x00000002 >+#define FSCTL_METHOD_NEITHER 0x00000003 >+ >+#define FSCTL_ACCESS_ANY 0x00000000 >+#define FSCTL_ACCESS_READ 0x00004000 >+#define FSCTL_ACCESS_WRITE 0x00008000 >+ >+#define FSCTL_DFS 0x00060000 >+#define FSCTL_DFS_GET_REFERRALS (FSCTL_DFS | FSCTL_ACCESS_ANY | 0x0194 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_DFS_GET_REFERRALS_EX (FSCTL_DFS | FSCTL_ACCESS_ANY | 0x01B0 | FSCTL_METHOD_BUFFERED) >+ >+#define FSCTL_FILESYSTEM 0x00090000 >+#define FSCTL_REQUEST_OPLOCK_LEVEL_1 (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0000 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_REQUEST_OPLOCK_LEVEL_2 (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0004 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_REQUEST_BATCH_OPLOCK (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0008 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x000C | FSCTL_METHOD_BUFFERED) >+#define FSCTL_OPBATCH_ACK_CLOSE_PENDING (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0010 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_OPLOCK_BREAK_NOTIFY (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0014 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_FILESYS_GET_STATISTICS (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0060 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_GET_NTFS_VOLUME_DATA (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0064 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_IS_VOLUME_DIRTY (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0078 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_FIND_FILES_BY_SID (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x008C | FSCTL_METHOD_NEITHER) >+#define FSCTL_SET_OBJECT_ID (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0098 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_GET_OBJECT_ID (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x009C | FSCTL_METHOD_BUFFERED) >+#define FSCTL_DELETE_OBJECT_ID (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x00A0 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_SET_REPARSE_POINT (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x00A4 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_GET_REPARSE_POINT (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x00A8 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_DELETE_REPARSE_POINT (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x00AC | FSCTL_METHOD_BUFFERED) >+#define FSCTL_CREATE_OR_GET_OBJECT_ID (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x00C0 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_SET_SPARSE (FSCTL_FILESYSTEM | FSCTL_ACCESS_ANY | 0x00C4 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_QUERY_ALLOCATED_RANGES (FSCTL_FILESYSTEM | FSCTL_ACCESS_READ | 0x00CC | FSCTL_METHOD_NEITHER) >+#define FSCTL_FILE_LEVEL_TRIM (FSCTL_FILESYSTEM | FSCTL_ACCESS_WRITE | 0x0208 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_OFFLOAD_READ (FSCTL_FILESYSTEM | FSCTL_ACCESS_READ | 0x0264 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_OFFLOAD_WRITE (FSCTL_FILESYSTEM | FSCTL_ACCESS_WRITE | 0x0268 | FSCTL_METHOD_BUFFERED) >+ >+#define FSCTL_NAMED_PIPE 0x00110000 >+#define FSCTL_PIPE_PEEK (FSCTL_NAMED_PIPE | FSCTL_ACCESS_READ | 0x000C | FSCTL_METHOD_BUFFERED) >+#define FSCTL_NAMED_PIPE_READ_WRITE (FSCTL_NAMED_PIPE | FSCTL_ACCESS_READ \ >+ | FSCTL_ACCESS_WRITE | 0x0014 | FSCTL_METHOD_NEITHER) >+#define FSCTL_PIPE_TRANSCEIVE FSCTL_NAMED_PIPE_READ_WRITE /* SMB2 function name */ >+#define FSCTL_PIPE_WAIT (FSCTL_NAMED_PIPE | FSCTL_ACCESS_ANY | 0x0018 | FSCTL_METHOD_BUFFERED) >+ >+#define FSCTL_NETWORK_FILESYSTEM 0x00140000 >+#define FSCTL_GET_SHADOW_COPY_DATA (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_READ | 0x0064 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_SRV_ENUM_SNAPS FSCTL_GET_SHADOW_COPY_DATA /* SMB2 function name */ >+#define FSCTL_SRV_REQUEST_RESUME_KEY (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0078 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_SRV_COPYCHUNK (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_READ | 0x00F0 | FSCTL_METHOD_OUT_DIRECT) >+#define FSCTL_SRV_COPYCHUNK_WRITE (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_WRITE | 0x00F0 | FSCTL_METHOD_OUT_DIRECT) >+#define FSCTL_SRV_READ_HASH (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_READ| 0x01B8 | FSCTL_METHOD_NEITHER) >+#define FSCTL_LMR_REQ_RESILIENCY (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_ANY | 0x01D4 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_LMR_SET_LINK_TRACKING_INFORMATION \ >+ (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_ANY | 0x00EC | FSCTL_METHOD_BUFFERED) >+#define FSCTL_QUERY_NETWORK_INTERFACE_INFO \ >+ (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_ANY | 0x01FC | FSCTL_METHOD_BUFFERED) >+ >+/* >+ * FSCTL_VALIDATE_NEGOTIATE_INFO_224 was used used in >+ * Windows 8 server beta with SMB 2.24 >+ */ >+#define FSCTL_VALIDATE_NEGOTIATE_INFO_224 \ >+ (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0200 | FSCTL_METHOD_BUFFERED) >+#define FSCTL_VALIDATE_NEGOTIATE_INFO (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0204 | FSCTL_METHOD_BUFFERED) > > #if 0 > #define FSCTL_SECURITY_ID_CHECK >-- >1.7.7.3 > > >From 75c0f2cb62ea2ad05f46557e207d2c9f54d0cea7 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 23 Aug 2012 09:46:27 -0700 >Subject: [PATCH 2/2] s3:smb2_ioctl: add some more validation checks > >Based on a patch from Christian Ambach <ambi@samba.org>. > >metze >--- > source3/smbd/smb2_ioctl.c | 27 +++++++++++++++++++++++---- > 1 files changed, 23 insertions(+), 4 deletions(-) > >diff --git a/source3/smbd/smb2_ioctl.c b/source3/smbd/smb2_ioctl.c >index d545cd3..e869839 100644 >--- a/source3/smbd/smb2_ioctl.c >+++ b/source3/smbd/smb2_ioctl.c >@@ -89,15 +89,34 @@ NTSTATUS smbd_smb2_request_process_ioctl(struct smbd_smb2_request *req) > in_input_buffer.data = (uint8_t *)req->in.vector[i+2].iov_base; > in_input_buffer.length = in_input_length; > >- if (in_file_id_persistent == UINT64_MAX && >- in_file_id_volatile == UINT64_MAX) { >- /* without a handle */ >- } else { >+ switch (in_ctl_code) { >+ case FSCTL_DFS_GET_REFERRALS: >+ case FSCTL_DFS_GET_REFERRALS_EX: >+ case FSCTL_PIPE_WAIT: >+ case FSCTL_VALIDATE_NEGOTIATE_INFO_224: >+ case FSCTL_VALIDATE_NEGOTIATE_INFO: >+ case FSCTL_QUERY_NETWORK_INTERFACE_INFO: >+ /* >+ * Some SMB2 specific CtlCodes like FSCTL_DFS_GET_REFERRALS or >+ * FSCTL_PIPE_WAIT does not take a file handle. >+ * >+ * If FileId in the SMB2 Header of the request is not >+ * 0xFFFFFFFFFFFFFFFF, then the server MUST fail the request >+ * with STATUS_INVALID_PARAMETER. >+ */ >+ if (in_file_id_persistent != UINT64_MAX || >+ in_file_id_volatile != UINT64_MAX) { >+ return smbd_smb2_request_error(req, >+ NT_STATUS_INVALID_PARAMETER); >+ } >+ break; >+ default: > in_fsp = file_fsp_smb2(req, in_file_id_persistent, > in_file_id_volatile); > if (in_fsp == NULL) { > return smbd_smb2_request_error(req, NT_STATUS_FILE_CLOSED); > } >+ break; > } > > subreq = smbd_smb2_ioctl_send(req, >-- >1.7.7.3 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
vl
:
review+
Actions:
View
Attachments on
bug 9058
:
7734
|
7741
|
7742
|
7743
|
7744
|
7801
|
7802
|
7803
|
7809
|
7812
|
7813
|
7814
|
7816
| 7817