search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
WHATSNEW: Add major changes.
[Samba.git] / libcli / smb / smb2_create_blob.c
blob31c67e99c78dffecc94b1cbb127ea3dd3d25c25c
1 /*
2 Unix SMB/CIFS implementation.
3
4 SMB2 Create Context Blob handling
5
6 Copyright (C) Andrew Tridgell 2005
7 Copyright (C) Stefan Metzmacher 2008-2009
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "../libcli/smb/smb_common.h"
25
26 static size_t smb2_create_blob_padding(uint32_t offset, size_t n)
27 {
28 if ((offset & (n-1)) == 0) return 0;
29 return n - (offset & (n-1));
30 }
31
32 /*
33 parse a set of SMB2 create blobs
34 */
35 NTSTATUS smb2_create_blob_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB buffer,
36 struct smb2_create_blobs *blobs)
37 {
38 const uint8_t *data = buffer.data;
39 uint32_t remaining = buffer.length;
40
41 while (remaining > 0) {
42 uint32_t next;
43 uint32_t name_offset, name_length;
44 uint32_t reserved, data_offset;
45 uint32_t data_length;
46 char *tag;
47 DATA_BLOB b;
48 NTSTATUS status;
49
50 if (remaining < 16) {
51 return NT_STATUS_INVALID_PARAMETER;
52 }
53 next = IVAL(data, 0);
54 name_offset = SVAL(data, 4);
55 name_length = SVAL(data, 6);
56 reserved = SVAL(data, 8);
57 data_offset = SVAL(data, 10);
58 data_length = IVAL(data, 12);
59
60 if ((next & 0x7) != 0 ||
61 next > remaining ||
62 name_offset < 16 ||
63 name_offset > remaining ||
64 name_length != 4 || /* windows enforces this */
65 name_offset + name_length > remaining ||
66 (data_offset && (data_offset < name_offset + name_length)) ||
67 (data_offset && (data_offset > remaining)) ||
68 (data_offset && data_length &&
69 (data_offset + (uint64_t)data_length > remaining))) {
70 return NT_STATUS_INVALID_PARAMETER;
71 }
72
73 tag = talloc_strndup(mem_ctx, (const char *)data + name_offset, name_length);
74 if (tag == NULL) {
75 return NT_STATUS_NO_MEMORY;
76 }
77
78 b = data_blob_const(data+data_offset, data_length);
79 status = smb2_create_blob_add(mem_ctx, blobs, tag, b);
80 if (!NT_STATUS_IS_OK(status)) {
81 return status;
82 }
83
84 talloc_free(tag);
85
86 if (next == 0) break;
87
88 remaining -= next;
89 data += next;
90
91 if (remaining < 16) {
92 return NT_STATUS_INVALID_PARAMETER;
93 }
94 }
95
96 return NT_STATUS_OK;
97 }
98
99
100 /*
101 add a blob to a smb2_create attribute blob
102 */
103 static NTSTATUS smb2_create_blob_push_one(TALLOC_CTX *mem_ctx, DATA_BLOB *buffer,
104 const struct smb2_create_blob *blob,
105 bool last)
106 {
107 uint32_t ofs = buffer->length;
108 size_t tag_length = strlen(blob->tag);
109 uint8_t pad = smb2_create_blob_padding(blob->data.length+tag_length, 4);
110
111 if (!data_blob_realloc(mem_ctx, buffer,
112 buffer->length + 0x14 + tag_length + blob->data.length + pad))
113 return NT_STATUS_NO_MEMORY;
114
115 if (last) {
116 SIVAL(buffer->data, ofs+0x00, 0);
117 } else {
118 SIVAL(buffer->data, ofs+0x00, 0x14 + tag_length + blob->data.length + pad);
119 }
120 SSVAL(buffer->data, ofs+0x04, 0x10); /* offset of tag */
121 SIVAL(buffer->data, ofs+0x06, tag_length); /* tag length */
122 SSVAL(buffer->data, ofs+0x0A, 0x14 + tag_length); /* offset of data */
123 SIVAL(buffer->data, ofs+0x0C, blob->data.length);
124 memcpy(buffer->data+ofs+0x10, blob->tag, tag_length);
125 SIVAL(buffer->data, ofs+0x10+tag_length, 0); /* pad? */
126 memcpy(buffer->data+ofs+0x14+tag_length, blob->data.data, blob->data.length);
127 memset(buffer->data+ofs+0x14+tag_length+blob->data.length, 0, pad);
128
129 return NT_STATUS_OK;
130 }
131
132
133 /*
134 create a buffer of a set of create blobs
135 */
136 NTSTATUS smb2_create_blob_push(TALLOC_CTX *mem_ctx, DATA_BLOB *buffer,
137 const struct smb2_create_blobs blobs)
138 {
139 int i;
140 NTSTATUS status;
141
142 *buffer = data_blob(NULL, 0);
143 for (i=0; i < blobs.num_blobs; i++) {
144 bool last = false;
145 const struct smb2_create_blob *c;
146
147 if ((i + 1) == blobs.num_blobs) {
148 last = true;
149 }
150
151 c = &blobs.blobs[i];
152 status = smb2_create_blob_push_one(mem_ctx, buffer, c, last);
153 if (!NT_STATUS_IS_OK(status)) {
154 return status;
155 }
156 }
157 return NT_STATUS_OK;
158 }
159
160
161 NTSTATUS smb2_create_blob_add(TALLOC_CTX *mem_ctx, struct smb2_create_blobs *b,
162 const char *tag, DATA_BLOB data)
163 {
164 struct smb2_create_blob *array;
165
166 array = talloc_realloc(mem_ctx, b->blobs,
167 struct smb2_create_blob,
168 b->num_blobs + 1);
169 NT_STATUS_HAVE_NO_MEMORY(array);
170 b->blobs = array;
171
172 b->blobs[b->num_blobs].tag = talloc_strdup(b->blobs, tag);
173 NT_STATUS_HAVE_NO_MEMORY(b->blobs[b->num_blobs].tag);
174
175 if (data.data) {
176 b->blobs[b->num_blobs].data = data_blob_talloc(b->blobs,
177 data.data,
178 data.length);
179 NT_STATUS_HAVE_NO_MEMORY(b->blobs[b->num_blobs].data.data);
180 } else {
181 b->blobs[b->num_blobs].data = data_blob(NULL, 0);
182 }
183
184 b->num_blobs += 1;
185
186 return NT_STATUS_OK;
187 }
188
189 /*
190 * return the first blob with the given tag
191 */
192 struct smb2_create_blob *smb2_create_blob_find(const struct smb2_create_blobs *b,
193 const char *tag)
194 {
195 uint32_t i;
196
197 for (i=0; i < b->num_blobs; i++) {
198 if (strcmp(b->blobs[i].tag, tag) == 0) {
199 return &b->blobs[i];
200 }
201 }
202
203 return NULL;
204 }
Samba GIT mirror