ctdbd_conn: Fix CID 1301580 Explicit null dereferenced
[Samba.git] / libcli / smb / smb1cli_echo.c
blob10dff2d8c9b507a3d40be3b7c3a626802c6ce674
1 /*
2 Unix SMB/CIFS implementation.
3 smb2 lib
4 Copyright (C) Stefan Metzmacher 2012
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "includes.h"
21 #include "system/network.h"
22 #include "lib/util/tevent_ntstatus.h"
23 #include "smb_common.h"
24 #include "smbXcli_base.h"
26 struct smb1cli_echo_state {
27 uint16_t vwv[1];
28 DATA_BLOB data;
29 uint16_t num_echos;
32 static void smb1cli_echo_done(struct tevent_req *subreq);
34 struct tevent_req *smb1cli_echo_send(TALLOC_CTX *mem_ctx,
35 struct tevent_context *ev,
36 struct smbXcli_conn *conn,
37 uint32_t timeout_msec,
38 uint16_t num_echos,
39 DATA_BLOB data)
41 struct tevent_req *req, *subreq;
42 struct smb1cli_echo_state *state;
44 req = tevent_req_create(mem_ctx, &state, struct smb1cli_echo_state);
45 if (req == NULL) {
46 return NULL;
48 SSVAL(state->vwv, 0, num_echos);
49 state->data = data;
50 state->num_echos = num_echos;
52 subreq = smb1cli_req_send(state, ev, conn, SMBecho,
53 0, 0, /* *_flags */
54 0, 0, /* *_flags2 */
55 timeout_msec,
56 0, /* pid */
57 NULL, /* tcon */
58 NULL, /* session */
59 ARRAY_SIZE(state->vwv), state->vwv,
60 data.length, data.data);
61 if (subreq == NULL) {
62 goto fail;
64 tevent_req_set_callback(subreq, smb1cli_echo_done, req);
65 return req;
66 fail:
67 TALLOC_FREE(req);
68 return NULL;
71 static void smb1cli_echo_done(struct tevent_req *subreq)
73 struct tevent_req *req = tevent_req_callback_data(
74 subreq, struct tevent_req);
75 struct smb1cli_echo_state *state = tevent_req_data(
76 req, struct smb1cli_echo_state);
77 NTSTATUS status;
78 uint32_t num_bytes;
79 uint8_t *bytes;
80 struct iovec *recv_iov;
81 struct smb1cli_req_expected_response expected[] = {
83 .status = NT_STATUS_OK,
84 .wct = 1,
88 status = smb1cli_req_recv(subreq, state,
89 &recv_iov,
90 NULL, /* phdr */
91 NULL, /* pwct */
92 NULL, /* pvwv */
93 NULL, /* pvwv_offset */
94 &num_bytes,
95 &bytes,
96 NULL, /* pbytes_offset */
97 NULL, /* pinbuf */
98 expected, ARRAY_SIZE(expected));
99 if (!NT_STATUS_IS_OK(status)) {
100 tevent_req_nterror(req, status);
101 return;
104 if (num_bytes != state->data.length) {
105 tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
106 return;
109 if (memcmp(bytes, state->data.data, num_bytes) != 0) {
110 tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
111 return;
114 /* TODO: do we want to verify the sequence number? */
116 state->num_echos -=1;
117 if (state->num_echos == 0) {
118 tevent_req_done(req);
119 return;
122 if (!smbXcli_req_set_pending(subreq)) {
123 tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
124 return;
129 * Get the result out from an echo request
130 * @param[in] req The async_req from smb1cli_echo_send
131 * @retval Did the server reply correctly?
134 NTSTATUS smb1cli_echo_recv(struct tevent_req *req)
136 return tevent_req_simple_recv_ntstatus(req);
139 NTSTATUS smb1cli_echo(struct smbXcli_conn *conn, uint32_t timeout_msec,
140 uint16_t num_echos, DATA_BLOB data)
142 TALLOC_CTX *frame = talloc_stackframe();
143 struct tevent_context *ev;
144 struct tevent_req *req;
145 NTSTATUS status = NT_STATUS_NO_MEMORY;
147 if (smbXcli_conn_has_async_calls(conn)) {
149 * Can't use sync call while an async call is in flight
151 status = NT_STATUS_INVALID_PARAMETER;
152 goto fail;
154 ev = samba_tevent_context_init(frame);
155 if (ev == NULL) {
156 goto fail;
158 req = smb1cli_echo_send(frame, ev, conn, timeout_msec, num_echos, data);
159 if (req == NULL) {
160 goto fail;
162 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
163 goto fail;
165 status = smb1cli_echo_recv(req);
166 fail:
167 TALLOC_FREE(frame);
168 return status;