s3: libsmb: cli_setatr() and async version. Don't allow attribtes > 16 bits on an...

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c
index d603775b25f6764ffd16145352ae0c265146adcb..6c75759bbca21a33ec045057c3426c02eaccf666 100644 (file)
--- a/source3/libsmb/clifile.c
+++ b/source3/libsmb/clifile.c
@@ -4521,6 +4521,16 @@ struct tevent_req *cli_setatr_send(TALLOC_CTX *mem_ctx,
                return NULL;
        }
 
+       if (attr & 0xFFFF0000) {
+               /*
+                * Don't allow attributes greater than
+                * 16-bits for a 16-bit protocol value.
+                */
+               if (tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER)) {
+                       return tevent_req_post(req, ev);
+               }
+       }
+
        SSVAL(state->vwv+0, 0, attr);
        push_dos_date3((uint8_t *)&state->vwv[1], 0, mtime, smb1cli_conn_server_time_zone(cli->conn));