/*
   Unix SMB/CIFS implementation.
   smb2 lib
   Copyright (C) Volker Lendecke 2011

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

#include "includes.h"
#include "system/network.h"
#include "lib/util/tevent_ntstatus.h"
#include "smb_common.h"
#include "smbXcli_base.h"

/*
 * Per-request state for an in-flight SMB2 QUERY_DIRECTORY call.
 *
 * The request buffers live inside the state so that they stay valid for as
 * long as the tevent request exists.
 */
struct smb2cli_query_directory_state {
	/* Fixed-size part of the request body, filled in by the _send function. */
	uint8_t fixed[32];
	/* Single byte sent as the dynamic part when no search mask is given. */
	uint8_t dyn_pad[1];
	/* Response iovec array as returned by smb2cli_req_recv(). */
	struct iovec *recv_iov;
	/* Points into recv_iov[2]; not a separate allocation. */
	uint8_t *data;
	/* Server-reported payload length, checked against recv_iov[2].iov_len. */
	uint32_t data_length;
};

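static void smb2cli_query_directory_done(struct tevent_req *subreq);

/**
 * Build and submit an asynchronous SMB2 QUERY_DIRECTORY request.
 *
 * @param mem_ctx        talloc parent for the returned request
 * @param ev             event context the request runs on
 * @param conn           connection to send on
 * @param timeout_msec   timeout handed to smb2cli_req_send()
 * @param session        session the request is issued under
 * @param tcon           tree connect the request is issued under
 * @param level          information class byte (offset 2 of the body)
 * @param flags          flags byte (offset 3 of the body)
 * @param file_index     file index (offset 4 of the body)
 * @param fid_persistent persistent half of the directory handle
 * @param fid_volatile   volatile half of the directory handle
 * @param mask           search pattern in the unix charset; "" sends no name
 * @param outbuf_len     maximum number of payload bytes the server may
 *                       return; also used as max_dyn_len for the response
 *
 * @return NULL if the request could not be allocated. Otherwise the request,
 *         which may already have been completed with an error and posted.
 */
struct tevent_req *smb2cli_query_directory_send(TALLOC_CTX *mem_ctx,
						struct tevent_context *ev,
						struct smbXcli_conn *conn,
						uint32_t timeout_msec,
						struct smbXcli_session *session,
						struct smbXcli_tcon *tcon,
						uint8_t level,
						uint8_t flags,
						uint32_t file_index,
						uint64_t fid_persistent,
						uint64_t fid_volatile,
						const char *mask,
						uint32_t outbuf_len)
{
	struct tevent_req *req, *subreq;
	struct smb2cli_query_directory_state *state;
	uint8_t *fixed;
	uint8_t *dyn;
	size_t dyn_len;
	size_t mask_len;

	req = tevent_req_create(mem_ctx, &state,
				struct smb2cli_query_directory_state);
	if (req == NULL) {
		return NULL;
	}

	/* strlen(NULL) is undefined behaviour; fail the request instead. */
	if (mask == NULL) {
		tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
		return tevent_req_post(req, ev);
	}
	mask_len = strlen(mask);

	/* Any conversion failure is reported to the caller as out-of-memory. */
	if (!convert_string_talloc(state, CH_UNIX, CH_UTF16,
				   mask, mask_len,
				   &dyn, &dyn_len)) {
		tevent_req_oom(req);
		return tevent_req_post(req, ev);
	}

	if (mask_len == 0) {
		TALLOC_FREE(dyn);
		dyn_len = 0;
	}

	/*
	 * The name length travels in a 16-bit field. Refuse a longer name
	 * rather than let SSVAL() truncate it, which would make the length
	 * on the wire disagree with the number of bytes actually sent.
	 */
	if (dyn_len > UINT16_MAX) {
		tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
		return tevent_req_post(req, ev);
	}

	fixed = state->fixed;
	SSVAL(fixed, 0, 33);			/* StructureSize */
	SCVAL(fixed, 2, level);			/* FileInformationClass */
	SCVAL(fixed, 3, flags);			/* Flags */
	SIVAL(fixed, 4, file_index);		/* FileIndex */
	SBVAL(fixed, 8, fid_persistent);	/* FileId (persistent) */
	SBVAL(fixed, 16, fid_volatile);		/* FileId (volatile) */
	SSVAL(fixed, 24, SMB2_HDR_BODY + 32);	/* FileNameOffset */
	SSVAL(fixed, 26, dyn_len);		/* FileNameLength */
	/*
	 * OutputBufferLength is a 32-bit field filling bytes 28..31. A 16-bit
	 * store would drop the upper half of outbuf_len, so the length on the
	 * wire would no longer match the max_dyn_len passed below.
	 */
	SIVAL(fixed, 28, outbuf_len);

	if (dyn_len == 0) {
		/*
		 * No name: send the pad byte as the dynamic part. The name
		 * length written above stays 0.
		 */
		dyn = state->dyn_pad;
		dyn_len = sizeof(state->dyn_pad);
	}

	subreq = smb2cli_req_send(state, ev, conn, SMB2_OP_QUERY_DIRECTORY,
				  0, 0, /* flags */
				  timeout_msec,
				  tcon,
				  session,
				  state->fixed, sizeof(state->fixed),
				  dyn, dyn_len,
				  outbuf_len); /* max_dyn_len */
	if (tevent_req_nomem(subreq, req)) {
		return tevent_req_post(req, ev);
	}
	tevent_req_set_callback(subreq, smb2cli_query_directory_done, req);
	return req;
}
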
/*
 * Completion callback for the QUERY_DIRECTORY subrequest.
 *
 * Receives the response, checks the server-supplied offset and length
 * against what was actually received, and only then publishes the payload
 * pointer in the request state. A response that fails the checks completes
 * the request with NT_STATUS_INVALID_NETWORK_RESPONSE.
 */
static void smb2cli_query_directory_done(struct tevent_req *subreq)
{
	static const struct smb2cli_req_expected_response expected[] = {
	{
		.status = NT_STATUS_OK,
		.body_size = 0x09
	}
	};
	struct tevent_req *req = tevent_req_callback_data(
		subreq, struct tevent_req);
	struct smb2cli_query_directory_state *state = tevent_req_data(
		req, struct smb2cli_query_directory_state);
	struct iovec *resp;
	uint16_t out_offset;
	NTSTATUS status;

	/* The response iovecs are allocated under state. */
	status = smb2cli_req_recv(subreq, state, &resp,
				  expected, ARRAY_SIZE(expected));
	TALLOC_FREE(subreq);
	if (tevent_req_nterror(req, status)) {
		return;
	}

	/*
	 * Both values come from the server and are untrusted.
	 * NOTE(review): resp[1] looks like the fixed response body and
	 * resp[2] the dynamic part -- confirm against smb2cli_req_recv().
	 */
	out_offset = SVAL(resp[1].iov_base, 2);
	state->data_length = IVAL(resp[1].iov_base, 4);

	/* The payload must start directly after the 8 fixed body bytes. */
	if (out_offset != SMB2_HDR_BODY + 8) {
		tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
		return;
	}

	/*
	 * The claimed length must fit in the bytes actually received, so
	 * that consumers never read past the end of the buffer. It is not
	 * compared with the outbuf_len the caller asked for.
	 */
	if (state->data_length > resp[2].iov_len) {
		tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
		return;
	}

	state->data = (uint8_t *)resp[2].iov_base;
	state->recv_iov = resp;
	tevent_req_done(req);
}

/**
 * Collect the result of a finished QUERY_DIRECTORY request.
 *
 * @param req          the request created by smb2cli_query_directory_send()
 * @param mem_ctx      talloc context that takes over the response iovecs
 * @param data         out: pointer to the directory payload
 * @param data_length  out: number of valid bytes at *data
 *
 * @return the request's error status, or NT_STATUS_OK. On error the two
 *         output parameters are left untouched.
 *
 * *data points into the response buffer, not at its own allocation.
 * NOTE(review): it presumably stays valid only while the iovecs moved to
 * mem_ctx are alive -- confirm how smb2cli_req_recv() parents the buffer.
 */
NTSTATUS smb2cli_query_directory_recv(struct tevent_req *req,
				      TALLOC_CTX *mem_ctx,
				      uint8_t **data,
				      uint32_t *data_length)
{
	NTSTATUS result;
	struct smb2cli_query_directory_state *state = tevent_req_data(
		req, struct smb2cli_query_directory_state);

	if (tevent_req_is_nterror(req, &result)) {
		return result;
	}

	/* Hand the response over before the request state is freed. */
	talloc_steal(mem_ctx, state->recv_iov);
	*data = state->data;
	*data_length = state->data_length;
	return NT_STATUS_OK;
}

/**
 * Synchronous wrapper around the QUERY_DIRECTORY send/recv pair.
 *
 * Runs the request to completion on a private event context. Parameters
 * are passed through to smb2cli_query_directory_send() and
 * smb2cli_query_directory_recv().
 *
 * @return NT_STATUS_INVALID_PARAMETER if the connection already has async
 *         calls pending, NT_STATUS_NO_MEMORY if the event context or the
 *         request cannot be created, otherwise the status of the request.
 */
NTSTATUS smb2cli_query_directory(struct smbXcli_conn *conn,
				 uint32_t timeout_msec,
				 struct smbXcli_session *session,
				 struct smbXcli_tcon *tcon,
				 uint8_t level,
				 uint8_t flags,
				 uint32_t file_index,
				 uint64_t fid_persistent,
				 uint64_t fid_volatile,
				 const char *mask,
				 uint32_t outbuf_len,
				 TALLOC_CTX *mem_ctx,
				 uint8_t **data,
				 uint32_t *data_length)
{
	NTSTATUS status = NT_STATUS_NO_MEMORY;
	TALLOC_CTX *frame = talloc_stackframe();
	struct tevent_context *ev_ctx;
	struct tevent_req *pending;

	if (smbXcli_conn_has_async_calls(conn)) {
		/*
		 * A blocking call must not be mixed with async calls that
		 * are still in flight on the same connection.
		 */
		status = NT_STATUS_INVALID_PARAMETER;
		goto done;
	}

	ev_ctx = samba_tevent_context_init(frame);
	if (ev_ctx == NULL) {
		goto done;
	}

	pending = smb2cli_query_directory_send(frame, ev_ctx, conn,
					       timeout_msec,
					       session, tcon,
					       level, flags,
					       file_index, fid_persistent,
					       fid_volatile, mask, outbuf_len);
	if (pending == NULL) {
		goto done;
	}

	if (!tevent_req_poll_ntstatus(pending, ev_ctx, &status)) {
		goto done;
	}

	/* The result goes to mem_ctx so that it outlives the stackframe. */
	status = smb2cli_query_directory_recv(pending, mem_ctx,
					      data, data_length);
done:
	TALLOC_FREE(frame);
	return status;
}