Fix for crash bug freeing a non-malloc'ed buffer if the client sends a non-encrypted...
1 /*
2 Samba share mode database library external interface library.
3 Used by non-Samba products needing access to the Samba share mode db.
5 Copyright (C) Jeremy Allison 2005 - 2006
7 sharemodes_procid functions (C) Copyright (C) Volker Lendecke 2005
9 ** NOTE! The following LGPL license applies to this module only.
10 ** This does NOT imply that all of Samba is released
11 ** under the LGPL
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
27 #include "includes.h"
28 #include "smb_share_modes.h"
/*
 * Database context handle.
 *
 * Allocated by smb_share_mode_db_open() and released by
 * smb_share_mode_db_close(); it wraps the open tdb handle.
 */
struct smbdb_ctx {
	TDB_CONTEXT *smb_tdb;	/* open handle on the share mode tdb */
};
/*
 * Remove the paranoid malloc checker: this file calls plain malloc(),
 * so any macro named malloc is dropped here.
 */
#ifdef malloc
#undef malloc
#endif

/*
 * Forward declaration; the definition appears further down, and
 * smb_create_share_mode_entry() calls it.
 */
int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				const struct smb_share_mode_entry *new_entry,
				const char *sharepath,
				const char *filename);
/*
 * Compare two server ids. Only the pid member is compared; any other
 * member of struct server_id is ignored.
 */
static bool sharemodes_procid_equal(const struct server_id *p1, const struct server_id *p2)
{
	const bool same_pid = (p1->pid == p2->pid);

	return same_pid;
}
/* Extract the process id from a server id. */
static pid_t sharemodes_procid_to_pid(const struct server_id *proc)
{
	const pid_t owner = proc->pid;

	return owner;
}
/*
 * open/close sharemode database.
 */

/*
 * Open the share mode tdb at db_path and return a freshly allocated
 * context, or NULL if the allocation or the tdb_open() call fails.
 * The caller releases the context with smb_share_mode_db_close().
 *
 * NOTE(review): the file is opened O_RDWR|O_CREAT with mode 0644 and
 * with TDB_CLEAR_IF_FIRST set. Confirm that the creation mode and the
 * clear-on-first-open flag are intended for an external (non-Samba)
 * opener.
 */
struct smbdb_ctx *smb_share_mode_db_open(const char *db_path)
{
	struct smbdb_ctx *ctx = (struct smbdb_ctx *)malloc(sizeof(struct smbdb_ctx));

	if (ctx == NULL) {
		return NULL;
	}

	/* Start from an all-zero context before filling in the handle. */
	memset(ctx, '\0', sizeof(struct smbdb_ctx));

	ctx->smb_tdb = tdb_open(db_path,
				0,
				TDB_DEFAULT|TDB_CLEAR_IF_FIRST,
				O_RDWR|O_CREAT,
				0644);

	if (ctx->smb_tdb != NULL) {
		/* Should check that this is the correct version.... */
		return ctx;
	}

	/* tdb_open() failed: do not leak the half-built context. */
	free(ctx);
	return NULL;
}
/*
 * key and data records in the tdb locking database.
 *
 * The raw bytes of this struct are used as the tdb key (see
 * get_locking_key()), so the member order and types are part of the
 * on-disk format.
 */
struct locking_key {
	SMB_DEV_T dev;		/* device number of the file */
	SMB_INO_T inode;	/* inode number of the file */
};
/*
 * Close the tdb and free the context. Returns whatever tdb_close()
 * returned. db_ctx must not be used after this call.
 */
int smb_share_mode_db_close(struct smbdb_ctx *db_ctx)
{
	const int close_rc = tdb_close(db_ctx->smb_tdb);

	/* The context is freed even when tdb_close() reports an error. */
	free(db_ctx);
	return close_rc;
}
/*
 * Build the tdb key for a (dev, ino) pair.
 *
 * The returned TDB_DATA points at a function-static struct, so every
 * call overwrites the key returned by the previous one; use the result
 * before calling this function again. The struct is zeroed before the
 * members are set, so any bytes not covered by dev/inode are zero in
 * the key.
 */
static TDB_DATA get_locking_key(uint64_t dev, uint64_t ino)
{
	static struct locking_key lk;
	TDB_DATA key;

	memset(&lk, '\0', sizeof(struct locking_key));
	lk.inode = (SMB_INO_T)ino;
	lk.dev = (SMB_DEV_T)dev;

	key.dsize = sizeof(lk);
	key.dptr = (uint8 *)&lk;
	return key;
}
/*
 * lock/unlock entry in sharemode database.
 */

/*
 * Take the tdb chain lock for the record keyed by (dev, ino).
 * Returns the result of tdb_chainlock().
 */
int smb_lock_share_mode_entry(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino)
{
	TDB_DATA key = get_locking_key(dev, ino);

	return tdb_chainlock(db_ctx->smb_tdb, key);
}
/*
 * Release the tdb chain lock for the record keyed by (dev, ino).
 * Returns the result of tdb_chainunlock().
 */
int smb_unlock_share_mode_entry(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino)
{
	TDB_DATA key = get_locking_key(dev, ino);

	return tdb_chainunlock(db_ctx->smb_tdb, key);
}
/*
 * Check if an external smb_share_mode_entry and an internal share_mode entry match.
 *
 * Returns 1 when pid, file id, open time, share access, access mask,
 * device and inode all agree, 0 otherwise.
 */
static int share_mode_entry_equal(const struct smb_share_mode_entry *e_entry,
				const struct share_mode_entry *entry)
{
	if (!sharemodes_procid_equal(&e_entry->pid, &entry->pid)) {
		return 0;
	}
	if (e_entry->file_id != (uint32_t)entry->share_file_id) {
		return 0;
	}
	if (e_entry->open_time.tv_sec != entry->time.tv_sec ||
	    e_entry->open_time.tv_usec != entry->time.tv_usec) {
		return 0;
	}
	if (e_entry->share_access != (uint32_t)entry->share_access) {
		return 0;
	}
	if (e_entry->access_mask != (uint32_t)entry->access_mask) {
		return 0;
	}
	if (e_entry->dev != entry->id.devid) {
		return 0;
	}
	if (e_entry->ino != entry->id.inode) {
		return 0;
	}
	return 1;
}
/*
 * Create an internal Samba share_mode entry from an external smb_share_mode_entry.
 *
 * *out is zeroed first, so every member not assigned below is 0.
 * The uid is taken from the calling process (geteuid()), not from *in.
 */
static void create_share_mode_entry(struct share_mode_entry *out,
				const struct smb_share_mode_entry *in)
{
	memset(out, '\0', sizeof(struct share_mode_entry));

	/* Identity of the open: owning process and file id. */
	out->pid = in->pid;
	out->share_file_id = (unsigned long)in->file_id;

	/* Which file. */
	out->id.devid = in->dev;
	out->id.inode = in->ino;

	/* When it was opened and with what access. */
	out->time.tv_sec = in->open_time.tv_sec;
	out->time.tv_usec = in->open_time.tv_usec;
	out->share_access = in->share_access;
	out->access_mask = in->access_mask;

	out->uid = (uint32)geteuid();
	out->flags = 0;
}
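/*
 * Return the current share mode list for an open file.
 * This uses similar (but simplified) logic to locking/locking.c
 *
 * On return *pp_list is either NULL or a malloc'ed array that the
 * caller must free, and *p_delete_on_close holds the record's
 * delete-on-close flag (0 when no list is returned).
 *
 * Returns the number of entries placed in *pp_list, 0 when there is no
 * record or no live entry, and -1 on allocation failure or when the
 * stored record is too short for the entry count it claims.
 */
int smb_get_share_mode_entries(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				struct smb_share_mode_entry **pp_list,
				unsigned char *p_delete_on_close)
{
	TDB_DATA db_data;
	struct smb_share_mode_entry *list = NULL;
	int num_share_modes = 0;
	struct locking_data *ld = NULL; /* internal samba db state. */
	struct share_mode_entry *shares = NULL;
	size_t i;
	int list_num;

	*pp_list = NULL;
	*p_delete_on_close = 0;

	db_data = tdb_fetch(db_ctx->smb_tdb, get_locking_key(dev, ino));
	if (!db_data.dptr) {
		return 0;
	}

	/*
	 * The record comes from a database file shared with other
	 * processes: make sure the header is really there before
	 * reading the entry count out of it.
	 */
	if (db_data.dsize < sizeof(struct locking_data)) {
		free(db_data.dptr);
		return -1;
	}

	ld = (struct locking_data *)db_data.dptr;
	num_share_modes = ld->u.s.num_share_mode_entries;

	if (!num_share_modes) {
		free(db_data.dptr);
		return 0;
	}

	/*
	 * Reject a negative count, or one that would make the loop
	 * below read past the end of the fetched buffer.
	 */
	if (num_share_modes < 0 ||
	    (size_t)num_share_modes >
	    (db_data.dsize - sizeof(struct locking_data)) / sizeof(struct share_mode_entry)) {
		free(db_data.dptr);
		return -1;
	}

	list = (struct smb_share_mode_entry *)malloc(
			sizeof(struct smb_share_mode_entry) * (size_t)num_share_modes);
	if (!list) {
		free(db_data.dptr);
		return -1;
	}

	memset(list, '\0', (size_t)num_share_modes * sizeof(struct smb_share_mode_entry));

	shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data));

	list_num = 0;
	for (i = 0; i < (size_t)num_share_modes; i++) {
		struct share_mode_entry *share = &shares[i];
		struct smb_share_mode_entry *sme = &list[list_num];
		struct server_id pid = share->pid;

		/*
		 * Check this process really exists. Only ESRCH counts as
		 * "gone"; any other kill() failure keeps the entry.
		 */
		if (kill(sharemodes_procid_to_pid(&pid), 0) == -1 && (errno == ESRCH)) {
			continue; /* No longer exists. */
		}

		/* Ignore deferred open entries. */
		if (share->op_type == DEFERRED_OPEN_ENTRY) {
			continue;
		}

		/* Copy into the external list. */
		sme->dev = share->id.devid;
		sme->ino = share->id.inode;
		sme->share_access = (uint32_t)share->share_access;
		sme->access_mask = (uint32_t)share->access_mask;
		sme->open_time.tv_sec = share->time.tv_sec;
		sme->open_time.tv_usec = share->time.tv_usec;
		sme->file_id = (uint32_t)share->share_file_id;
		sme->pid = share->pid;
		list_num++;
	}

	if (list_num == 0) {
		free(db_data.dptr);
		free(list);
		return 0;
	}

	/* ld still points into db_data.dptr, so read it before freeing. */
	*p_delete_on_close = ld->u.s.delete_on_close;
	*pp_list = list;
	free(db_data.dptr);
	return list_num;
}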
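/*
 * Create an entry in the Samba share mode db.
 *
 * If no record exists for (dev, ino) a new one is inserted, laid out
 * as: struct locking_data header, one share_mode_entry, sharepath with
 * its NUL, filename with its NUL. If a record exists, the new entry is
 * inserted after the existing entries and everything that followed
 * them (delete token and names) is carried over unchanged.
 *
 * Returns 0 on success, -1 on allocation failure, on tdb_store()
 * failure, or when the existing record is too short for the entry
 * count stored in its header.
 */
int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				const struct smb_share_mode_entry *new_entry,
				const char *sharepath, /* Must be absolute utf8 path. */
				const char *filename) /* Must be relative utf8 path. */
{
	TDB_DATA db_data;
	TDB_DATA locking_key = get_locking_key(dev, ino);
	int orig_num_share_modes = 0;
	struct locking_data *ld = NULL; /* internal samba db state. */
	struct share_mode_entry *shares = NULL;
	uint8 *new_data_p = NULL;
	size_t new_data_size = 0;
	size_t entries_size = 0;
	size_t tail_size = 0;

	db_data = tdb_fetch(db_ctx->smb_tdb, locking_key);
	if (!db_data.dptr) {
		/* We must create the entry. */
		const size_t sharepath_len = strlen(sharepath) + 1;
		const size_t filename_len = strlen(filename) + 1;
		const size_t names_off = sizeof(struct locking_data) +
					sizeof(struct share_mode_entry);

		/* One size, computed once, for both the buffer and dsize. */
		db_data.dsize = names_off + sharepath_len + filename_len;
		db_data.dptr = (uint8 *)malloc(db_data.dsize);
		if (!db_data.dptr) {
			return -1;
		}
		ld = (struct locking_data *)db_data.dptr;
		memset(ld, '\0', sizeof(struct locking_data));
		ld->u.s.num_share_mode_entries = 1;
		ld->u.s.delete_on_close = 0;
		ld->u.s.delete_token_size = 0;
		shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data));
		create_share_mode_entry(shares, new_entry);

		memcpy(db_data.dptr + names_off, sharepath, sharepath_len);
		memcpy(db_data.dptr + names_off + sharepath_len, filename, filename_len);

		/* TDB_INSERT: fail rather than overwrite a record that appeared meanwhile. */
		if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_INSERT) == -1) {
			free(db_data.dptr);
			return -1;
		}
		free(db_data.dptr);
		return 0;
	}

	/* Entry exists, we must add a new entry. */

	/*
	 * Validate the fetched record before trusting its entry count:
	 * the header must be present, and the claimed entries must fit
	 * inside the record. Without this the copies below could read
	 * past the buffer, and the tail size could wrap around.
	 */
	if (db_data.dsize < sizeof(struct locking_data)) {
		free(db_data.dptr);
		return -1;
	}

	ld = (struct locking_data *)db_data.dptr;
	orig_num_share_modes = ld->u.s.num_share_mode_entries;

	if (orig_num_share_modes < 0 ||
	    (size_t)orig_num_share_modes >
	    (db_data.dsize - sizeof(struct locking_data)) / sizeof(struct share_mode_entry)) {
		free(db_data.dptr);
		return -1;
	}

	entries_size = (size_t)orig_num_share_modes * sizeof(struct share_mode_entry);
	tail_size = db_data.dsize - sizeof(struct locking_data) - entries_size;
	new_data_size = db_data.dsize + sizeof(struct share_mode_entry);

	new_data_p = (uint8 *)malloc(new_data_size);
	if (!new_data_p) {
		free(db_data.dptr);
		return -1;
	}

	/* Copy the original data. */
	memcpy(new_data_p, db_data.dptr, sizeof(struct locking_data) + entries_size);

	/* Add in the new share mode */
	shares = (struct share_mode_entry *)(new_data_p + sizeof(struct locking_data) +
			entries_size);

	create_share_mode_entry(shares, new_entry);

	ld = (struct locking_data *)new_data_p;
	ld->u.s.num_share_mode_entries++;

	/* Append the original delete_token and filenames. */
	memcpy(new_data_p + sizeof(struct locking_data) + entries_size +
			sizeof(struct share_mode_entry),
		db_data.dptr + sizeof(struct locking_data) + entries_size,
		tail_size);

	free(db_data.dptr);

	db_data.dptr = new_data_p;
	db_data.dsize = new_data_size;

	if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_REPLACE) == -1) {
		free(db_data.dptr);
		return -1;
	}
	free(db_data.dptr);
	return 0;
}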
/*
 * Create an entry in the Samba share mode db. Original interface - doesn't
 * distinguish between share path and filename. Fudge this by using a
 * sharepath of / and a relative filename of (filename+1).
 *
 * filename must be an absolute utf8 path; the process is aborted if it
 * does not start with '/'.
 */
int smb_create_share_mode_entry(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				const struct smb_share_mode_entry *new_entry,
				const char *filename) /* Must be absolute utf8 path. */
{
	const char *relative_name;

	if (filename[0] != '/') {
		abort();
	}

	/* Skip the leading '/' so the remainder is relative to the "/" share path. */
	relative_name = filename + 1;

	return smb_create_share_mode_entry_ex(db_ctx, dev, ino, new_entry,
						"/", relative_name);
}
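/*
 * Remove del_entry from the share mode record for (dev, ino).
 *
 * Entries whose owning process no longer exists are pruned in the
 * same pass. When nothing is left the whole record is deleted,
 * otherwise a smaller record is stored with the delete token and
 * names carried over.
 *
 * Returns 0 on success (or the result of tdb_delete() when the record
 * is removed), and -1 when the record is missing, when its only entry
 * is not del_entry, on allocation or tdb_store() failure, or when the
 * record is too short for the entry count stored in its header.
 */
int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				const struct smb_share_mode_entry *del_entry)
{
	TDB_DATA db_data;
	TDB_DATA locking_key = get_locking_key(dev, ino);
	int orig_num_share_modes = 0;
	struct locking_data *ld = NULL; /* internal samba db state. */
	struct share_mode_entry *shares = NULL;
	uint8 *new_data_p = NULL;
	size_t remaining_size = 0;
	size_t entries_size = 0;
	size_t i, num_share_modes;
	const uint8 *remaining_ptr = NULL;

	db_data = tdb_fetch(db_ctx->smb_tdb, locking_key);
	if (!db_data.dptr) {
		return -1; /* Error - missing entry ! */
	}

	/*
	 * Validate the fetched record before trusting its entry count:
	 * the header must be present and the claimed entries must fit,
	 * otherwise the loop and the size arithmetic below would run
	 * outside the buffer.
	 */
	if (db_data.dsize < sizeof(struct locking_data)) {
		free(db_data.dptr);
		return -1;
	}

	ld = (struct locking_data *)db_data.dptr;
	orig_num_share_modes = ld->u.s.num_share_mode_entries;

	if (orig_num_share_modes < 0 ||
	    (size_t)orig_num_share_modes >
	    (db_data.dsize - sizeof(struct locking_data)) / sizeof(struct share_mode_entry)) {
		free(db_data.dptr);
		return -1;
	}

	shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data));

	if (orig_num_share_modes == 0) {
		/*
		 * No entries at all: same outcome as pruning down to
		 * none. Handled here so the allocation size below
		 * (dsize minus one entry) can never wrap.
		 */
		free(db_data.dptr);
		return tdb_delete(db_ctx->smb_tdb, locking_key);
	}

	if (orig_num_share_modes == 1) {
		/* Only one entry - better be ours... */
		if (!share_mode_entry_equal(del_entry, shares)) {
			/* Error ! We can't delete someone else's entry ! */
			free(db_data.dptr);
			return -1;
		}
		/* It's ours - just remove the entire record. */
		free(db_data.dptr);
		return tdb_delete(db_ctx->smb_tdb, locking_key);
	}

	/* More than one - allocate a new record minus the one we'll delete. */
	new_data_p = (uint8 *)malloc(
		db_data.dsize - sizeof(struct share_mode_entry));
	if (!new_data_p) {
		free(db_data.dptr);
		return -1;
	}

	/* Copy the header. */
	memcpy(new_data_p, db_data.dptr, sizeof(struct locking_data));

	num_share_modes = 0;
	for (i = 0; i < (size_t)orig_num_share_modes; i++) {
		struct share_mode_entry *share = &shares[i];
		struct server_id pid = share->pid;

		/*
		 * Check this process really exists. Only ESRCH counts as
		 * "gone"; any other kill() failure keeps the entry.
		 */
		if (kill(sharemodes_procid_to_pid(&pid), 0) == -1 && (errno == ESRCH)) {
			continue; /* No longer exists. */
		}

		if (share_mode_entry_equal(del_entry, share)) {
			continue; /* This is our delete target. */
		}

		/*
		 * If nothing is dropped, the copied entries plus the tail
		 * would be one entry larger than new_data_p. Stop before
		 * writing outside the allocation.
		 */
		if (num_share_modes + 1 >= (size_t)orig_num_share_modes) {
			free(db_data.dptr);
			free(new_data_p);
			return -1;
		}

		memcpy(new_data_p + sizeof(struct locking_data) +
				(num_share_modes * sizeof(struct share_mode_entry)),
			share, sizeof(struct share_mode_entry) );

		num_share_modes++;
	}

	if (num_share_modes == 0) {
		/* None left after pruning. Delete record. */
		free(db_data.dptr);
		free(new_data_p);
		return tdb_delete(db_ctx->smb_tdb, locking_key);
	}

	/* Copy any delete token plus the terminating filenames. */
	entries_size = (size_t)orig_num_share_modes * sizeof(struct share_mode_entry);
	remaining_ptr = db_data.dptr + sizeof(struct locking_data) + entries_size;
	remaining_size = db_data.dsize - sizeof(struct locking_data) - entries_size;

	memcpy(new_data_p + sizeof(struct locking_data) + (num_share_modes * sizeof(struct share_mode_entry)),
		remaining_ptr,
		remaining_size);

	free(db_data.dptr);

	db_data.dptr = new_data_p;

	/* Re-save smaller record. */
	ld = (struct locking_data *)db_data.dptr;
	ld->u.s.num_share_mode_entries = num_share_modes;

	db_data.dsize = sizeof(struct locking_data) + (num_share_modes * sizeof(struct share_mode_entry)) + remaining_size;

	if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_REPLACE) == -1) {
		free(db_data.dptr);
		return -1;
	}
	free(db_data.dptr);
	return 0;
}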
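/*
 * Replace the share mode entry matching set_entry with new_entry in
 * the record for (dev, ino). Entries whose owning process no longer
 * exists are skipped when searching. The record size does not change.
 *
 * Returns 0 on success, and -1 when the record is missing, when no
 * live entry matches set_entry, on tdb_store() failure, or when the
 * record is too short for the entry count stored in its header.
 */
int smb_change_share_mode_entry(struct smbdb_ctx *db_ctx,
				uint64_t dev,
				uint64_t ino,
				const struct smb_share_mode_entry *set_entry,
				const struct smb_share_mode_entry *new_entry)
{
	TDB_DATA db_data;
	TDB_DATA locking_key = get_locking_key(dev, ino);
	int num_share_modes = 0;
	struct locking_data *ld = NULL; /* internal samba db state. */
	struct share_mode_entry *shares = NULL;
	size_t i;
	int found_entry = 0;

	db_data = tdb_fetch(db_ctx->smb_tdb, locking_key);
	if (!db_data.dptr) {
		return -1; /* Error - missing entry ! */
	}

	/*
	 * Validate the fetched record before trusting its entry count,
	 * so the search below (which also writes into the buffer on a
	 * match) stays inside the fetched data.
	 */
	if (db_data.dsize < sizeof(struct locking_data)) {
		free(db_data.dptr);
		return -1;
	}

	ld = (struct locking_data *)db_data.dptr;
	num_share_modes = ld->u.s.num_share_mode_entries;

	if (num_share_modes < 0 ||
	    (size_t)num_share_modes >
	    (db_data.dsize - sizeof(struct locking_data)) / sizeof(struct share_mode_entry)) {
		free(db_data.dptr);
		return -1;
	}

	shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data));

	for (i = 0; i < (size_t)num_share_modes; i++) {
		struct share_mode_entry *share = &shares[i];
		struct server_id pid = share->pid;

		/*
		 * Check this process really exists. Only ESRCH counts as
		 * "gone"; any other kill() failure keeps the entry.
		 */
		if (kill(sharemodes_procid_to_pid(&pid), 0) == -1 && (errno == ESRCH)) {
			continue; /* No longer exists. */
		}

		if (share_mode_entry_equal(set_entry, share)) {
			/* Overwrite the matching entry in place. */
			create_share_mode_entry(share, new_entry);
			found_entry = 1;
			break;
		}
	}

	if (!found_entry) {
		free(db_data.dptr);
		return -1;
	}

	/* Save modified data. */
	if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_REPLACE) == -1) {
		free(db_data.dptr);
		return -1;
	}
	free(db_data.dptr);
	return 0;
}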