2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
5 * Copyright (C) Andrew Tridgell 1992-2000,
6 * Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
7 * Copyright (C) Jean François Micouleau 1998-2000,
8 * Copyright (C) Gerald Carter 2000-2005,
9 * Copyright (C) Tim Potter 2001-2002.
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #define DBGC_CLASS DBGC_RPC_PARSE
31 /**********************************************************************
32 Initialize a new spoolss buff for use by a client rpc
33 **********************************************************************/
34 void rpcbuf_init(RPC_BUFFER
*buffer
, uint32 size
, TALLOC_CTX
*ctx
)
37 buffer
->string_at_end
= size
;
38 prs_init(&buffer
->prs
, size
, ctx
, MARSHALL
);
39 buffer
->struct_start
= prs_offset(&buffer
->prs
);
42 /*******************************************************************
43 Read/write a RPC_BUFFER struct.
44 ********************************************************************/
46 BOOL
prs_rpcbuffer(const char *desc
, prs_struct
*ps
, int depth
, RPC_BUFFER
*buffer
)
48 prs_debug(ps
, depth
, desc
, "prs_rpcbuffer");
52 if (UNMARSHALLING(ps
)) {
54 buffer
->string_at_end
=0;
56 if (!prs_uint32("size", ps
, depth
, &buffer
->size
))
60 * JRA. I'm not sure if the data in here is in big-endian format if
61 * the client is big-endian. Leave as default (little endian) for now.
64 if (!prs_init(&buffer
->prs
, buffer
->size
, prs_get_mem_context(ps
), UNMARSHALL
))
67 if (!prs_append_some_prs_data(&buffer
->prs
, ps
, prs_offset(ps
), buffer
->size
))
70 if (!prs_set_offset(&buffer
->prs
, 0))
73 if (!prs_set_offset(ps
, buffer
->size
+prs_offset(ps
)))
76 buffer
->string_at_end
=buffer
->size
;
83 if (!prs_uint32("size", ps
, depth
, &buffer
->size
))
86 if (!prs_append_some_prs_data(ps
, &buffer
->prs
, 0, buffer
->size
))
92 /* We have finished with the data in buffer->prs - free it. */
93 prs_mem_free(&buffer
->prs
);
99 /*******************************************************************
100 Read/write an RPC_BUFFER* struct.(allocate memory if unmarshalling)
101 ********************************************************************/
103 BOOL
prs_rpcbuffer_p(const char *desc
, prs_struct
*ps
, int depth
, RPC_BUFFER
**buffer
)
107 /* caputure the pointer value to stream */
109 data_p
= (uint32
) *buffer
;
111 if ( !prs_uint32("ptr", ps
, depth
, &data_p
))
114 /* we're done if there is no data */
119 if ( UNMARSHALLING(ps
) ) {
120 if ( !(*buffer
= PRS_ALLOC_MEM(ps
, RPC_BUFFER
, 1)) )
124 return prs_rpcbuffer( desc
, ps
, depth
, *buffer
);
127 /****************************************************************************
128 Allocate more memory for a RPC_BUFFER.
129 ****************************************************************************/
131 BOOL
rpcbuf_alloc_size(RPC_BUFFER
*buffer
, uint32 buffer_size
)
137 /* if we don't need anything. don't do anything */
139 if ( buffer_size
== 0x0 )
144 /* damn, I'm doing the reverse operation of prs_grow() :) */
145 if (buffer_size
< prs_data_size(ps
))
148 extra_space
= buffer_size
- prs_data_size(ps
);
151 * save the offset and move to the end of the buffer
152 * prs_grow() checks the extra_space against the offset
154 old_offset
=prs_offset(ps
);
155 prs_set_offset(ps
, prs_data_size(ps
));
157 if (!prs_grow(ps
, extra_space
))
160 prs_set_offset(ps
, old_offset
);
162 buffer
->string_at_end
=prs_data_size(ps
);
167 /*******************************************************************
168 move a BUFFER from the query to the reply.
169 As the data pointers in RPC_BUFFER are malloc'ed, not talloc'ed,
170 this is ok. This is an OPTIMIZATION and is not strictly neccessary.
171 Clears the memory to zero also.
172 ********************************************************************/
174 void rpcbuf_move(RPC_BUFFER
*src
, RPC_BUFFER
**dest
)
176 SMB_ASSERT( src
!= NULL
);
178 prs_switch_type(&src
->prs
, MARSHALL
);
179 if(!prs_set_offset(&src
->prs
, 0))
181 prs_force_dynamic(&src
->prs
);
182 prs_mem_clear(&src
->prs
);
186 /*******************************************************************
187 Get the size of a BUFFER struct.
188 ********************************************************************/
190 uint32
rpcbuf_get_size(RPC_BUFFER
*buffer
)
192 return (buffer
->size
);
196 /*******************************************************************
197 * write a UNICODE string and its relative pointer.
198 * used by all the RPC structs passing a buffer
200 * As I'm a nice guy, I'm forcing myself to explain this code.
201 * MS did a good job in the overall spoolss code except in some
202 * functions where they are passing the API buffer directly in the
203 * RPC request/reply. That's to maintain compatiility at the API level.
204 * They could have done it the good way the first time.
206 * So what happen is: the strings are written at the buffer's end,
207 * in the reverse order of the original structure. Some pointers to
208 * the strings are also in the buffer. Those are relative to the
211 * If you don't understand or want to change that function,
212 * first get in touch with me: jfm@samba.org
214 ********************************************************************/
216 BOOL
smb_io_relstr(const char *desc
, RPC_BUFFER
*buffer
, int depth
, UNISTR
*string
)
218 prs_struct
*ps
=&buffer
->prs
;
220 if (MARSHALLING(ps
)) {
221 uint32 struct_offset
= prs_offset(ps
);
222 uint32 relative_offset
;
224 buffer
->string_at_end
-= (size_of_relative_string(string
) - 4);
225 if(!prs_set_offset(ps
, buffer
->string_at_end
))
229 * Win2k does not align strings in a buffer
230 * Tested against WinNT 4.0 SP 6a & 2k SP2 --jerry
235 buffer
->string_at_end
= prs_offset(ps
);
237 /* write the string */
238 if (!smb_io_unistr(desc
, string
, ps
, depth
))
241 if(!prs_set_offset(ps
, struct_offset
))
244 relative_offset
=buffer
->string_at_end
- buffer
->struct_start
;
245 /* write its offset */
246 if (!prs_uint32("offset", ps
, depth
, &relative_offset
))
252 /* read the offset */
253 if (!prs_uint32("offset", ps
, depth
, &(buffer
->string_at_end
)))
256 if (buffer
->string_at_end
== 0)
259 old_offset
= prs_offset(ps
);
260 if(!prs_set_offset(ps
, buffer
->string_at_end
+buffer
->struct_start
))
263 /* read the string */
264 if (!smb_io_unistr(desc
, string
, ps
, depth
))
267 if(!prs_set_offset(ps
, old_offset
))
273 /*******************************************************************
274 * write a array of UNICODE strings and its relative pointer.
275 * used by 2 RPC structs
276 ********************************************************************/
278 BOOL
smb_io_relarraystr(const char *desc
, RPC_BUFFER
*buffer
, int depth
, uint16
**string
)
282 prs_struct
*ps
=&buffer
->prs
;
284 if (MARSHALLING(ps
)) {
285 uint32 struct_offset
= prs_offset(ps
);
286 uint32 relative_offset
;
293 /* first write the last 0 */
294 buffer
->string_at_end
-= 2;
295 if(!prs_set_offset(ps
, buffer
->string_at_end
))
298 if(!prs_uint16("leading zero", ps
, depth
, &zero
))
301 while (p
&& (*p
!=0)) {
305 /* Yes this should be malloc not talloc. Don't change. */
307 chaine
.buffer
= SMB_MALLOC((q
-p
+1)*sizeof(uint16
));
308 if (chaine
.buffer
== NULL
)
311 memcpy(chaine
.buffer
, p
, (q
-p
+1)*sizeof(uint16
));
313 buffer
->string_at_end
-= (q
-p
+1)*sizeof(uint16
);
315 if(!prs_set_offset(ps
, buffer
->string_at_end
)) {
316 SAFE_FREE(chaine
.buffer
);
320 /* write the string */
321 if (!smb_io_unistr(desc
, &chaine
, ps
, depth
)) {
322 SAFE_FREE(chaine
.buffer
);
328 SAFE_FREE(chaine
.buffer
);
331 if(!prs_set_offset(ps
, struct_offset
))
334 relative_offset
=buffer
->string_at_end
- buffer
->struct_start
;
335 /* write its offset */
336 if (!prs_uint32("offset", ps
, depth
, &relative_offset
))
344 uint16
*chaine2
=NULL
;
347 size_t realloc_size
= 0;
351 /* read the offset */
352 if (!prs_uint32("offset", ps
, depth
, &buffer
->string_at_end
))
355 old_offset
= prs_offset(ps
);
356 if(!prs_set_offset(ps
, buffer
->string_at_end
+ buffer
->struct_start
))
360 if (!smb_io_unistr(desc
, &chaine
, ps
, depth
))
363 l_chaine
=str_len_uni(&chaine
);
365 /* we're going to add two more bytes here in case this
366 is the last string in the array and we need to add
367 an extra NULL for termination */
372 realloc_size
= (l_chaine2
+l_chaine
+2)*sizeof(uint16
);
374 /* Yes this should be realloc - it's freed below. JRA */
376 if((tc2
=(uint16
*)SMB_REALLOC(chaine2
, realloc_size
)) == NULL
) {
381 memcpy(chaine2
+l_chaine2
, chaine
.buffer
, (l_chaine
+1)*sizeof(uint16
));
382 l_chaine2
+=l_chaine
+1;
385 } while(l_chaine
!=0);
387 /* the end should be bould NULL terminated so add
388 the second one here */
391 chaine2
[l_chaine2
] = '\0';
392 *string
=(uint16
*)TALLOC_MEMDUP(prs_get_mem_context(ps
),chaine2
,realloc_size
);
396 if(!prs_set_offset(ps
, old_offset
))
402 /*******************************************************************
403 Parse a DEVMODE structure and its relative pointer.
404 ********************************************************************/
406 BOOL
smb_io_relsecdesc(const char *desc
, RPC_BUFFER
*buffer
, int depth
, SEC_DESC
**secdesc
)
408 prs_struct
*ps
= &buffer
->prs
;
410 prs_debug(ps
, depth
, desc
, "smb_io_relsecdesc");
413 if (MARSHALLING(ps
)) {
414 uint32 struct_offset
= prs_offset(ps
);
415 uint32 relative_offset
;
419 if (!prs_uint32("offset", ps
, depth
, &relative_offset
))
424 if (*secdesc
!= NULL
) {
425 buffer
->string_at_end
-= sec_desc_size(*secdesc
);
427 if(!prs_set_offset(ps
, buffer
->string_at_end
))
429 /* write the secdesc */
430 if (!sec_io_desc(desc
, secdesc
, ps
, depth
))
433 if(!prs_set_offset(ps
, struct_offset
))
437 relative_offset
=buffer
->string_at_end
- buffer
->struct_start
;
438 /* write its offset */
440 if (!prs_uint32("offset", ps
, depth
, &relative_offset
))
445 /* read the offset */
446 if (!prs_uint32("offset", ps
, depth
, &buffer
->string_at_end
))
449 old_offset
= prs_offset(ps
);
450 if(!prs_set_offset(ps
, buffer
->string_at_end
+ buffer
->struct_start
))
454 if (!sec_io_desc(desc
, secdesc
, ps
, depth
))
457 if(!prs_set_offset(ps
, old_offset
))
465 /*******************************************************************
466 * return the length of a UNICODE string in number of char, includes:
468 * - the relative pointer size
469 ********************************************************************/
471 uint32
size_of_relative_string(UNISTR
*string
)
475 size
=str_len_uni(string
); /* the string length */
476 size
=size
+1; /* add the trailing zero */
477 size
=size
*2; /* convert in char */
478 size
=size
+4; /* add the size of the ptr */
482 * Do not include alignment as Win2k does not align relative
483 * strings within a buffer --jerry
485 /* Ensure size is 4 byte multiple (prs_align is being called...). */
486 /* size += ((4 - (size & 3)) & 3); */