summaryrefslogtreecommitdiff
path: root/source3/include/smb_macros.h
diff options
context:
space:
mode:
Diffstat (limited to 'source3/include/smb_macros.h')
-rw-r--r--source3/include/smb_macros.h16
1 files changed, 16 insertions, 0 deletions
diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h
index de39bf616e1..f1191ac011e 100644
--- a/source3/include/smb_macros.h
+++ b/source3/include/smb_macros.h
@@ -56,6 +56,22 @@
((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) && \
(fsp->access_mask & FILE_EXECUTE))))
+/*
+ * This is not documented in revision 49 of [MS-SMB2] but should be added in a
+ * later revision (and torture test smb2.read.access as well as
+ * smb2.ioctl_copy_chunk_bad_access against Server 2012R2 confirms this)
+ *
+ * If FILE_EXECUTE is granted to a handle then the SMB2 server acts as if
+ * FILE_READ_DATA has also been granted. We must still keep the original granted
+ * mask, because with ioctl requests, access checks are made on the file handle,
+ * "below" the SMB2 server, and the object store below the SMB layer is not
+ * aware of this arrangement (see smb2.ioctl.copy_chunk_bad_access torture
+ * test).
+ */
+#define CHECK_READ_SMB2(fsp) \
+ (((fsp)->fh->fd != -1) && \
+ ((fsp)->can_read || (fsp->access_mask & FILE_EXECUTE)))
+
/* An IOCTL readability check (validating read access
* when the IOCTL code requires it)
* http://social.technet.microsoft.com/wiki/contents/articles/24653.decoding-io-control-codes-ioctl-fsctl-and-deviceiocodes-with-table-of-known-values.aspx
View Lorry Controller Status