s3: smbd - smb1 - fix read of deleted memory in reply_writeclose().
[Samba.git] / source3 / libsmb / smb_share_modes.c
1 /*
2 Samba share mode database library external interface library.
3 Used by non-Samba products needing access to the Samba share mode db.
5 Copyright (C) Jeremy Allison 2005 - 2006
7 sharemodes_procid functions (C) Copyright (C) Volker Lendecke 2005
9 ** NOTE! The following LGPL license applies to this module only.
10 ** This does NOT imply that all of Samba is released
11 ** under the LGPL
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
27 #define UID_WRAPPER_NOT_REPLACE
28 #include "includes.h"
29 #include "system/filesys.h"
30 #include "smb_share_modes.h"
31 #include "tdb_compat.h"
32 #include "librpc/gen_ndr/open_files.h"
33 #include <ccan/hash/hash.h>
/* Database context handle. */
struct smbdb_ctx {
	/* Handle of the open share mode tdb; filled in by smb_share_mode_db_open(). */
	TDB_CONTEXT *smb_tdb;
};
40 /* Remove the paranoid malloc checker. */
41 #ifdef malloc
42 #undef malloc
43 #endif
/*
 * Internal structure of locking.tdb share mode db.
 * Used by locking.c and libsmbsharemodes.c
 *
 * NOTE(review): both counters are read back from the stored record, so
 * any code that walks the implicit trailing arrays should check them
 * against the record size (TDB_DATA.dsize) before trusting them.
 */
struct locking_data {
	union {
		struct {
			int num_share_mode_entries;
			struct timespec old_write_time;
			struct timespec changed_write_time;
			uint32 num_delete_token_entries;
		} s;
		struct share_mode_entry dummy; /* Needed for alignment. */
	} u;
	/*
	 * The following four entries are implicit
	 *
	 * (1) struct share_mode_entry modes[num_share_mode_entries];
	 *
	 * (2) A num_delete_token_entries of structs {
	 *         uint32_t len_delete_token;
	 *         char unix_token[len_delete_token] (divisible by 4).
	 *     };
	 *
	 * (3) char share_name[];
	 * (4) char file_name[];
	 */
};
/* Prototype for the extended create call that is defined later in this file. */
int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx,
				   uint64_t dev,
				   uint64_t ino,
				   uint64_t extid,
				   const struct smb_share_mode_entry *new_entry,
				   const char *sharepath,
				   const char *filename);
/*
 * Compare two server ids. Only the pid member is looked at; any other
 * member of struct server_id is ignored by this library.
 */
static bool sharemodes_procid_equal(const struct server_id *p1, const struct server_id *p2)
{
	if (p1->pid != p2->pid) {
		return false;
	}
	return true;
}
/* Extract the process id stored in a server id. */
static pid_t sharemodes_procid_to_pid(const struct server_id *proc)
{
	pid_t owner = proc->pid;

	return owner;
}
/*
 * open/close sharemode database.
 */

/*
 * Open the share mode tdb at db_path, creating it (O_CREAT, mode 0644)
 * when it does not exist yet.
 *
 * Returns a malloc()ed context on success, or NULL when the allocation
 * or the tdb open fails. The context is released by
 * smb_share_mode_db_close().
 */
struct smbdb_ctx *smb_share_mode_db_open(const char *db_path)
{
	struct smbdb_ctx *ctx = (struct smbdb_ctx *)malloc(sizeof(*ctx));

	if (ctx == NULL) {
		return NULL;
	}

	memset(ctx, '\0', sizeof(*ctx));

	/* FIXME: We should *never* open a tdb without logging! */
	ctx->smb_tdb = tdb_open_compat(db_path,
				       0, TDB_DEFAULT|TDB_CLEAR_IF_FIRST|TDB_INCOMPATIBLE_HASH,
				       O_RDWR|O_CREAT,
				       0644,
				       NULL, NULL);

	if (ctx->smb_tdb == NULL) {
		/* Nothing else owns the context yet, so drop it here. */
		free(ctx);
		return NULL;
	}

	/* Should check that this is the correct version.... */
	return ctx;
}
/*
 * key and data records in the tdb locking database
 *
 * The raw bytes of this struct are used as the tdb key (see
 * get_locking_key()), which is why it is zeroed before being filled in.
 */
struct locking_key {
	SMB_DEV_T dev;
	SMB_INO_T inode;
	uint64_t extid;
};
/*
 * Close the tdb and free the context.
 *
 * Returns whatever tdb_close() returned. db_ctx is dereferenced
 * unconditionally, so it must not be NULL, and it is freed here, so the
 * caller must not touch it afterwards.
 */
int smb_share_mode_db_close(struct smbdb_ctx *db_ctx)
{
	int close_result;

	close_result = tdb_close(db_ctx->smb_tdb);
	free(db_ctx);

	return close_result;
}
/*
 * Fill in *lk from (dev, ino, extid) and return a TDB_DATA that refers
 * to it.
 *
 * The returned dptr points at the caller's lk, so the key is only valid
 * for as long as lk is.
 */
static TDB_DATA get_locking_key(struct locking_key *lk, uint64_t dev,
				uint64_t ino, uint64_t extid)
{
	TDB_DATA key;

	/*
	 * The whole struct is used as key bytes: clear it first so that
	 * padding never carries stale stack contents into the key.
	 */
	memset(lk, '\0', sizeof(*lk));
	lk->extid = extid;
	lk->inode = (SMB_INO_T)ino;
	lk->dev = (SMB_DEV_T)dev;

	key.dsize = sizeof(*lk);
	key.dptr = (uint8 *)lk;
	return key;
}
/*
 * lock/unlock entry in sharemode database.
 */

/*
 * Take the tdb chain lock for the record keyed by (dev, ino, extid).
 * Returns 0 when tdb_chainlock() succeeds and -1 otherwise.
 */
int smb_lock_share_mode_entry(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				uint64_t extid)
{
	struct locking_key lk;
	TDB_DATA key = get_locking_key(&lk, dev, ino, extid);

	if (tdb_chainlock(db_ctx->smb_tdb, key) != 0) {
		return -1;
	}
	return 0;
}
/*
 * Release the tdb chain lock for the record keyed by (dev, ino, extid).
 *
 * The result of tdb_chainunlock() is not inspected; this function
 * always returns 0.
 */
int smb_unlock_share_mode_entry(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				uint64_t extid)
{
	struct locking_key lk;
	TDB_DATA key = get_locking_key(&lk, dev, ino, extid);

	tdb_chainunlock(db_ctx->smb_tdb, key);
	return 0;
}
/*
 * Check if an external smb_share_mode_entry and an internal share_mode entry match.
 *
 * Returns 1 when pid, file id, open time, share access, access mask and
 * the (dev, ino, extid) file identity all agree, 0 otherwise.
 */
static int share_mode_entry_equal(const struct smb_share_mode_entry *e_entry,
				  const struct share_mode_entry *entry)
{
	if (!sharemodes_procid_equal(&e_entry->pid, &entry->pid)) {
		return 0;
	}
	/* The internal id is wider; it is compared after truncation to 32 bits. */
	if (e_entry->file_id != (uint32_t)entry->share_file_id) {
		return 0;
	}
	if (e_entry->open_time.tv_sec != entry->time.tv_sec) {
		return 0;
	}
	if (e_entry->open_time.tv_usec != entry->time.tv_usec) {
		return 0;
	}
	if (e_entry->share_access != (uint32_t)entry->share_access) {
		return 0;
	}
	if (e_entry->access_mask != (uint32_t)entry->access_mask) {
		return 0;
	}
	if (e_entry->dev != entry->id.devid) {
		return 0;
	}
	if (e_entry->ino != entry->id.inode) {
		return 0;
	}
	if (e_entry->extid != entry->id.extid) {
		return 0;
	}
	return 1;
}
/*
 * Create an internal Samba share_mode entry from an external smb_share_mode_entry.
 *
 * *out is cleared first, so every member not assigned below is zero.
 * The uid is taken from the calling process (geteuid()), not from *in.
 */
static void create_share_mode_entry(struct share_mode_entry *out,
				    const struct smb_share_mode_entry *in,
				    uint32_t name_hash)
{
	memset(out, '\0', sizeof(*out));

	/* Who opened it, and when. */
	out->pid = in->pid;
	out->uid = (uint32)geteuid();
	out->time.tv_sec = in->open_time.tv_sec;
	out->time.tv_usec = in->open_time.tv_usec;

	/* Which file. */
	out->id.devid = in->dev;
	out->id.inode = in->ino;
	out->id.extid = in->extid;
	out->name_hash = name_hash;

	/* How it was opened. */
	out->share_file_id = (unsigned long)in->file_id;
	out->share_access = in->share_access;
	out->access_mask = in->access_mask;
	out->flags = 0;
}
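/*
 * Return the current share mode list for an open file.
 * This uses similar (but simplified) logic to locking/locking.c
 *
 * On return *pp_list is either NULL or a malloc()ed array that now
 * belongs to the caller, and *p_delete_on_close is non-zero when the
 * record carries at least one delete token.
 *
 * Returns the number of entries in *pp_list, 0 when there is no record
 * or no live entry, and -1 on allocation failure or when the stored
 * record is inconsistent (entry count does not fit the record size).
 *
 * The function does not take the chain lock itself; presumably callers
 * that need a stable view bracket it with smb_lock_share_mode_entry().
 */
int smb_get_share_mode_entries(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				uint64_t extid,
				struct smb_share_mode_entry **pp_list,
				unsigned char *p_delete_on_close)
{
	const size_t hdr_size = sizeof(struct locking_data);
	const size_t entry_size = sizeof(struct share_mode_entry);
	struct locking_key lk;
	TDB_DATA db_data;
	struct smb_share_mode_entry *list = NULL;
	const struct locking_data *ld = NULL; /* internal samba db state. */
	const struct share_mode_entry *shares = NULL;
	size_t num_share_modes;
	size_t i;
	int list_num = 0;

	*pp_list = NULL;
	*p_delete_on_close = 0;

	db_data = tdb_fetch_compat(db_ctx->smb_tdb,
				   get_locking_key(&lk, dev, ino, extid));
	if (!db_data.dptr) {
		return 0;
	}

	/* The record must at least hold the fixed header we are about to read. */
	if (db_data.dsize < hdr_size) {
		free(db_data.dptr);
		return -1;
	}

	ld = (const struct locking_data *)db_data.dptr;
	if (ld->u.s.num_share_mode_entries == 0) {
		free(db_data.dptr);
		return 0;
	}

	/*
	 * The count comes from the database, not from us: refuse a negative
	 * value or one that claims more entries than the record contains,
	 * otherwise the loop below would read past the fetched buffer.
	 */
	if (ld->u.s.num_share_mode_entries < 0 ||
	    (size_t)ld->u.s.num_share_mode_entries >
	    (db_data.dsize - hdr_size) / entry_size) {
		free(db_data.dptr);
		return -1;
	}
	num_share_modes = (size_t)ld->u.s.num_share_mode_entries;

	/* Guard the size multiplication for the output array. */
	if (num_share_modes > ((size_t)-1) / sizeof(*list)) {
		free(db_data.dptr);
		return -1;
	}

	list = (struct smb_share_mode_entry *)malloc(num_share_modes * sizeof(*list));
	if (!list) {
		free(db_data.dptr);
		return -1;
	}
	memset(list, '\0', num_share_modes * sizeof(*list));

	shares = (const struct share_mode_entry *)(db_data.dptr + hdr_size);

	for (i = 0; i < num_share_modes; i++) {
		const struct share_mode_entry *share = &shares[i];
		struct smb_share_mode_entry *sme = &list[list_num];
		struct server_id pid = share->pid;

		/*
		 * Check this process really exists. Only ESRCH counts as
		 * "gone"; any other kill() failure (e.g. EPERM) keeps the
		 * entry.
		 */
		if (kill(sharemodes_procid_to_pid(&pid), 0) == -1 && (errno == ESRCH)) {
			continue; /* No longer exists. */
		}

		/* Copy into the external list. */
		sme->dev = share->id.devid;
		sme->ino = share->id.inode;
		sme->extid = share->id.extid;
		sme->share_access = (uint32_t)share->share_access;
		sme->access_mask = (uint32_t)share->access_mask;
		sme->open_time.tv_sec = share->time.tv_sec;
		sme->open_time.tv_usec = share->time.tv_usec;
		sme->file_id = (uint32_t)share->share_file_id;
		sme->pid = share->pid;
		list_num++;
	}

	if (list_num == 0) {
		free(db_data.dptr);
		free(list);
		return 0;
	}

	/* Read the header before the fetched record is released. */
	*p_delete_on_close = ld->u.s.num_delete_token_entries != 0;
	*pp_list = list;
	free(db_data.dptr);
	return list_num;
}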
/*
 * Hash the string "<sharepath>/<filename>", terminating NUL included.
 *
 * *err is set to 0 on success and to 1 when the temporary buffer cannot
 * be allocated, in which case 0 is returned.
 */
static uint32_t smb_name_hash(const char *sharepath, const char *filename, int *err)
{
	const size_t share_len = strlen(sharepath);
	const size_t file_len = strlen(filename);
	/* sharepath + '/' + filename + NUL */
	const size_t full_len = share_len + file_len + 2;
	char *joined = (char *)malloc(full_len);
	uint32_t result;

	if (joined == NULL) {
		*err = 1;
		return 0;
	}
	*err = 0;

	memcpy(joined, sharepath, share_len);
	joined[share_len] = '/';
	/* Copies the filename together with its terminator. */
	memcpy(joined + share_len + 1, filename, file_len + 1);

	result = hash(joined, full_len, 0);
	free(joined);
	return result;
}
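/*
 * Create an entry in the Samba share mode db.
 *
 * sharepath must be an absolute utf8 path, filename a relative utf8 path.
 *
 * When no record exists for (dev, ino, extid) a new one holding just
 * this entry and the two names is inserted. Otherwise the new entry is
 * spliced in after the existing entries and the trailing delete tokens
 * and names are carried over unchanged.
 *
 * Returns 0 on success, -1 on allocation failure, on tdb_store()
 * failure, or when the existing record is inconsistent (its entry count
 * does not fit its size).
 *
 * This is a fetch/modify/store sequence with no locking of its own;
 * presumably the caller holds the chain lock via
 * smb_lock_share_mode_entry() around it.
 */
int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				uint64_t extid,
				const struct smb_share_mode_entry *new_entry,
				const char *sharepath, /* Must be absolute utf8 path. */
				const char *filename) /* Must be relative utf8 path. */
{
	const size_t hdr_size = sizeof(struct locking_data);
	const size_t entry_size = sizeof(struct share_mode_entry);
	TDB_DATA db_data;
	struct locking_key lk;
	TDB_DATA locking_key = get_locking_key(&lk, dev, ino, extid);
	struct locking_data *ld = NULL; /* internal samba db state. */
	struct share_mode_entry *shares = NULL;
	uint8 *new_data_p = NULL;
	size_t orig_entries_size = 0;
	size_t tail_size = 0;
	int ret;
	int err = 0;
	uint32_t name_hash = smb_name_hash(sharepath, filename, &err);

	if (err) {
		return -1;
	}

	db_data = tdb_fetch_compat(db_ctx->smb_tdb, locking_key);
	if (!db_data.dptr) {
		/* We must create the entry. */
		const size_t sharepath_size = strlen(sharepath) + 1;
		const size_t filename_size = strlen(filename) + 1;

		db_data.dsize = hdr_size + entry_size +
				sharepath_size + filename_size;
		db_data.dptr = (uint8 *)malloc(db_data.dsize);
		if (!db_data.dptr) {
			return -1;
		}

		ld = (struct locking_data *)db_data.dptr;
		memset(ld, '\0', hdr_size);
		ld->u.s.num_share_mode_entries = 1;
		ld->u.s.num_delete_token_entries = 0;

		shares = (struct share_mode_entry *)(db_data.dptr + hdr_size);
		create_share_mode_entry(shares, new_entry, name_hash);

		/* The two NUL-terminated names follow the single entry. */
		memcpy(db_data.dptr + hdr_size + entry_size,
		       sharepath, sharepath_size);
		memcpy(db_data.dptr + hdr_size + entry_size + sharepath_size,
		       filename, filename_size);

		ret = (tdb_store(db_ctx->smb_tdb, locking_key, db_data,
				 TDB_INSERT) != 0) ? -1 : 0;
		free(db_data.dptr);
		return ret;
	}

	/* Entry exists, we must add a new entry. */

	/*
	 * The entry count is read from the stored record. Check it against
	 * the record size before it is used to size any copy: a negative
	 * or oversized count would otherwise overrun both the fetched
	 * record and the new buffer, and make the tail length wrap.
	 */
	if (db_data.dsize < hdr_size) {
		free(db_data.dptr);
		return -1;
	}
	ld = (struct locking_data *)db_data.dptr;
	if (ld->u.s.num_share_mode_entries < 0 ||
	    (size_t)ld->u.s.num_share_mode_entries >
	    (db_data.dsize - hdr_size) / entry_size) {
		free(db_data.dptr);
		return -1;
	}
	orig_entries_size = (size_t)ld->u.s.num_share_mode_entries * entry_size;
	tail_size = db_data.dsize - hdr_size - orig_entries_size;

	new_data_p = (uint8 *)malloc(db_data.dsize + entry_size);
	if (!new_data_p) {
		free(db_data.dptr);
		return -1;
	}

	/* Copy the original data. */
	memcpy(new_data_p, db_data.dptr, hdr_size + orig_entries_size);

	/* Add in the new share mode */
	shares = (struct share_mode_entry *)(new_data_p + hdr_size +
					     orig_entries_size);
	create_share_mode_entry(shares, new_entry, name_hash);

	ld = (struct locking_data *)new_data_p;
	ld->u.s.num_share_mode_entries++;

	/* Append the original delete_tokens and filenames. */
	memcpy(new_data_p + hdr_size + orig_entries_size + entry_size,
	       db_data.dptr + hdr_size + orig_entries_size,
	       tail_size);

	free(db_data.dptr);

	db_data.dsize = hdr_size + orig_entries_size + entry_size + tail_size;
	db_data.dptr = new_data_p;

	ret = (tdb_store(db_ctx->smb_tdb, locking_key, db_data,
			 TDB_REPLACE) != 0) ? -1 : 0;
	free(db_data.dptr);
	return ret;
}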
/*
 * Create an entry in the Samba share mode db. Original interface - doesn't
 * Distinguish between share path and filename. Fudge this by using a
 * sharepath of / and a relative filename of (filename+1).
 *
 * filename must be an absolute utf8 path. It is dereferenced without a
 * NULL check, and a path that does not start with '/' terminates the
 * process through abort().
 *
 * NOTE(review): smb_name_hash() joins sharepath and filename with its
 * own '/', so with a sharepath of "/" the hashed string starts with
 * "//" - confirm this is the value smbd expects for name_hash.
 */
int smb_create_share_mode_entry(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				uint64_t extid,
				const struct smb_share_mode_entry *new_entry,
				const char *filename) /* Must be absolute utf8 path. */
{
	const char *relative_name;

	if (filename[0] != '/') {
		abort();
	}

	/* Skip the leading '/' to get the path relative to the "/" share. */
	relative_name = filename + 1;

	return smb_create_share_mode_entry_ex(db_ctx, dev, ino, extid, new_entry,
					      "/", relative_name);
}
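/*
 * Remove del_entry from the share mode record for (dev, ino, extid).
 *
 * Entries whose owning process no longer exists are pruned on the way.
 * When no entry is left the whole record is deleted; otherwise the
 * smaller record is stored back with the delete tokens and names
 * carried over.
 *
 * Returns 0 on success and -1 when the record is missing, when it is
 * inconsistent (entry count does not fit the record size), when
 * del_entry is not in it, on allocation failure, or when the tdb
 * update fails.
 *
 * Two things differ from a naive "copy everything but the target":
 *  - the new buffer is sized like the old record, because nothing is
 *    known to be removed until the scan is done; sizing it one entry
 *    smaller and then finding no match would write past its end;
 *  - a missing target is reported as an error, as the single-entry
 *    path already does, and the record is left untouched in that case.
 *
 * This is a fetch/modify/store sequence with no locking of its own;
 * presumably the caller holds the chain lock via
 * smb_lock_share_mode_entry() around it.
 */
int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				uint64_t extid,
				const struct smb_share_mode_entry *del_entry)
{
	const size_t hdr_size = sizeof(struct locking_data);
	const size_t entry_size = sizeof(struct share_mode_entry);
	TDB_DATA db_data;
	struct locking_key lk;
	TDB_DATA locking_key = get_locking_key(&lk, dev, ino, extid);
	struct locking_data *ld = NULL; /* internal samba db state. */
	struct share_mode_entry *shares = NULL;
	uint8 *new_data_p = NULL;
	const uint8 *remaining_ptr = NULL;
	size_t remaining_size = 0;
	size_t orig_num_share_modes;
	size_t num_share_modes = 0;
	size_t i;
	int found_entry = 0;

	db_data = tdb_fetch_compat(db_ctx->smb_tdb, locking_key);
	if (!db_data.dptr) {
		return -1; /* Error - missing entry ! */
	}

	/*
	 * The entry count is read from the stored record; make sure the
	 * header is there and the count fits before walking the entries.
	 */
	if (db_data.dsize < hdr_size) {
		free(db_data.dptr);
		return -1;
	}
	ld = (struct locking_data *)db_data.dptr;
	if (ld->u.s.num_share_mode_entries < 0 ||
	    (size_t)ld->u.s.num_share_mode_entries >
	    (db_data.dsize - hdr_size) / entry_size) {
		free(db_data.dptr);
		return -1;
	}
	orig_num_share_modes = (size_t)ld->u.s.num_share_mode_entries;
	shares = (struct share_mode_entry *)(db_data.dptr + hdr_size);

	if (orig_num_share_modes == 1) {
		/* Only one entry - better be ours... */
		if (!share_mode_entry_equal(del_entry, shares)) {
			/* Error ! We can't delete someone else's entry ! */
			free(db_data.dptr);
			return -1;
		}
		/* It's ours - just remove the entire record. */
		free(db_data.dptr);
		return tdb_delete(db_ctx->smb_tdb, locking_key) ? -1 : 0;
	}

	/*
	 * More than one (or none). The old record size is a safe upper
	 * bound for the rewritten record whatever the scan finds.
	 */
	new_data_p = (uint8 *)malloc(db_data.dsize);
	if (!new_data_p) {
		free(db_data.dptr);
		return -1;
	}

	/* Copy the header. */
	memcpy(new_data_p, db_data.dptr, hdr_size);

	for (i = 0; i < orig_num_share_modes; i++) {
		struct share_mode_entry *share = &shares[i];
		struct server_id pid = share->pid;

		if (share_mode_entry_equal(del_entry, share)) {
			found_entry = 1;
			continue; /* This is our delete target. */
		}

		/* Check this process really exists. */
		if (kill(sharemodes_procid_to_pid(&pid), 0) == -1 && (errno == ESRCH)) {
			continue; /* No longer exists. */
		}

		memcpy(new_data_p + hdr_size + (num_share_modes * entry_size),
		       share, entry_size);

		num_share_modes++;
	}

	if (!found_entry) {
		/* Error ! The entry we were asked to delete is not there. */
		free(db_data.dptr);
		free(new_data_p);
		return -1;
	}

	if (num_share_modes == 0) {
		/* None left after pruning. Delete record. */
		free(db_data.dptr);
		free(new_data_p);
		return tdb_delete(db_ctx->smb_tdb, locking_key) ? -1 : 0;
	}

	/* Copy any delete tokens plus the terminating filenames. */
	remaining_ptr = db_data.dptr + hdr_size +
			(orig_num_share_modes * entry_size);
	remaining_size = db_data.dsize - hdr_size -
			 (orig_num_share_modes * entry_size);

	memcpy(new_data_p + hdr_size + (num_share_modes * entry_size),
	       remaining_ptr,
	       remaining_size);

	free(db_data.dptr);

	db_data.dptr = new_data_p;

	/* Re-save smaller record. */
	ld = (struct locking_data *)db_data.dptr;
	ld->u.s.num_share_mode_entries = (int)num_share_modes;

	db_data.dsize = hdr_size + (num_share_modes * entry_size) + remaining_size;

	if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_REPLACE) != 0) {
		free(db_data.dptr);
		return -1;
	}
	free(db_data.dptr);
	return 0;
}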
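/*
 * Replace the stored entry matching set_entry with one built from
 * new_entry. The stored name_hash of the entry is kept.
 *
 * Entries whose owning process no longer exists are skipped while
 * searching, but are not removed from the record.
 *
 * Returns 0 on success and -1 when the record is missing, when it is
 * inconsistent (entry count does not fit the record size), when no live
 * entry matches set_entry, or when tdb_store() fails.
 *
 * This is a fetch/modify/store sequence with no locking of its own;
 * presumably the caller holds the chain lock via
 * smb_lock_share_mode_entry() around it.
 */
int smb_change_share_mode_entry(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				uint64_t extid,
				const struct smb_share_mode_entry *set_entry,
				const struct smb_share_mode_entry *new_entry)
{
	const size_t hdr_size = sizeof(struct locking_data);
	const size_t entry_size = sizeof(struct share_mode_entry);
	TDB_DATA db_data;
	struct locking_key lk;
	TDB_DATA locking_key = get_locking_key(&lk, dev, ino, extid);
	struct locking_data *ld = NULL; /* internal samba db state. */
	struct share_mode_entry *shares = NULL;
	size_t num_share_modes;
	size_t i;
	int found_entry = 0;

	db_data = tdb_fetch_compat(db_ctx->smb_tdb, locking_key);
	if (!db_data.dptr) {
		return -1; /* Error - missing entry ! */
	}

	/*
	 * The entry count is read from the stored record; make sure the
	 * header is there and the count fits, so that the loop below can
	 * neither read nor (via create_share_mode_entry) write outside the
	 * fetched buffer.
	 */
	if (db_data.dsize < hdr_size) {
		free(db_data.dptr);
		return -1;
	}
	ld = (struct locking_data *)db_data.dptr;
	if (ld->u.s.num_share_mode_entries < 0 ||
	    (size_t)ld->u.s.num_share_mode_entries >
	    (db_data.dsize - hdr_size) / entry_size) {
		free(db_data.dptr);
		return -1;
	}
	num_share_modes = (size_t)ld->u.s.num_share_mode_entries;
	shares = (struct share_mode_entry *)(db_data.dptr + hdr_size);

	for (i = 0; i < num_share_modes; i++) {
		struct share_mode_entry *share = &shares[i];
		struct server_id pid = share->pid;

		/* Check this process really exists. */
		if (kill(sharemodes_procid_to_pid(&pid), 0) == -1 && (errno == ESRCH)) {
			continue; /* No longer exists. */
		}

		if (share_mode_entry_equal(set_entry, share)) {
			/* Rewritten in place inside the fetched record. */
			create_share_mode_entry(share, new_entry, share->name_hash);
			found_entry = 1;
			break;
		}
	}

	if (!found_entry) {
		free(db_data.dptr);
		return -1;
	}

	/* Save modified data. */
	if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_REPLACE) != 0) {
		free(db_data.dptr);
		return -1;
	}
	free(db_data.dptr);
	return 0;
}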