req = smb2_request_init_tree(tree, SMB2_OP_FLUSH, 0x18, false, 0);
if (req == NULL) return NULL;
- SSVAL(req->out.body, 0x02, 0); /* pad? */
- SIVAL(req->out.body, 0x04, io->in.unknown);
+ SSVAL(req->out.body, 0x02, io->in.reserved1);
+ SIVAL(req->out.body, 0x04, io->in.reserved2);
smb2_push_handle(req->out.body+0x08, &io->in.file.handle);
smb2_transport_send(req);
SMB2_CHECK_PACKET_RECV(req, 0x04, false);
+ io->out.reserved = SVAL(req->in.body, 0x02);
+
return smb2_request_destroy(req);
}
SMB2SRV_CHECK_ASYNC_STATUS(io, union smb_flush);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x04, false, 0));
- SSVAL(req->out.body, 0x02, 0);
+ SSVAL(req->out.body, 0x02, io->smb2.out.reserved);
smb2srv_send_reply(req);
}
void smb2srv_flush_recv(struct smb2srv_request *req)
{
union smb_flush *io;
- uint16_t _pad;
SMB2SRV_CHECK_BODY_SIZE(req, 0x18, false);
SMB2SRV_TALLOC_IO_PTR(io, union smb_flush);
SMB2SRV_SETUP_NTVFS_REQUEST(smb2srv_flush_send, NTVFS_ASYNC_STATE_MAY_ASYNC);
io->smb2.level = RAW_FLUSH_SMB2;
- _pad = SVAL(req->in.body, 0x02);
- io->smb2.in.unknown = IVAL(req->in.body, 0x04);
+ io->smb2.in.reserved1 = SVAL(req->in.body, 0x02);
+ io->smb2.in.reserved2 = IVAL(req->in.body, 0x04);
io->smb2.in.file.ntvfs = smb2srv_pull_handle(req, req->in.body, 0x08);
SMB2SRV_CHECK_FILE_HANDLE(io->smb2.in.file.ntvfs);
*/
static uint16_t gen_fnum_close(int instance)
{
- if (num_open_handles < 3) {
- if (gen_chance(80)) return BAD_HANDLE;
+ if (num_open_handles < 5) {
+ if (gen_chance(90)) return BAD_HANDLE;
}
return gen_fnum(instance);
*/
static uint32_t gen_access_mask(void)
{
- if (gen_chance(50)) return SEC_FLAG_MAXIMUM_ALLOWED;
- if (gen_chance(20)) return SEC_FILE_ALL;
+ if (gen_chance(70)) return SEC_FLAG_MAXIMUM_ALLOWED;
+ if (gen_chance(70)) return SEC_FILE_ALL;
return gen_bits_mask(0xFFFFFFFF);
}
*/
static uint32_t gen_open_disp(void)
{
+ if (gen_chance(50)) return NTCREATEX_DISP_OPEN_IF;
if (gen_chance(10)) return gen_bits_mask(0xFFFFFFFF);
return gen_int_range(0, 5);
}
/*
generate ntcreatex operations
*/
-static bool handler_ntcreatex(int instance)
+static bool handler_create(int instance)
{
struct smb2_create parm[NSERVERS];
NTSTATUS status[NSERVERS];
ZERO_STRUCT(parm[0]);
- parm[0].in.security_flags = gen_bits_levels(3, 70, 0x0, 70, 0x3, 100, 0xFF);
- parm[0].in.oplock_level = gen_bits_levels(3, 70, 0x0, 70, 0x9, 100, 0xFF);
- parm[0].in.impersonation_level = gen_bits_levels(3, 70, 0x0, 70, 0x3, 100, 0xFFFFFFFF);
- parm[0].in.create_flags = gen_bits_levels(2, 80, 0x0, 100, 0xFFFFFFFF);
+ parm[0].in.security_flags = gen_bits_levels(3, 90, 0x0, 70, 0x3, 100, 0xFF);
+ parm[0].in.oplock_level = gen_bits_levels(3, 90, 0x0, 70, 0x9, 100, 0xFF);
+ parm[0].in.impersonation_level = gen_bits_levels(3, 90, 0x0, 70, 0x3, 100, 0xFFFFFFFF);
+ parm[0].in.create_flags = gen_bits_levels(2, 90, 0x0, 100, 0xFFFFFFFF);
if (gen_chance(2)) {
parm[0].in.create_flags |= gen_bits_mask(0xFFFFFFFF);
}
- parm[0].in.reserved = gen_bits_levels(2, 80, 0x0, 100, 0xFFFFFFFF);
+ parm[0].in.reserved = gen_bits_levels(2, 95, 0x0, 100, 0xFFFFFFFF);
if (gen_chance(2)) {
parm[0].in.reserved |= gen_bits_mask(0xFFFFFFFF);
}
return true;
}
+/*
+ generate flush operations
+*/
+static bool handler_flush(int instance)
+{
+ struct smb2_flush parm[NSERVERS];
+ NTSTATUS status[NSERVERS];
+
+ ZERO_STRUCT(parm[0]);
+ parm[0].in.file.handle.data[0] = gen_fnum(instance);
+ parm[0].in.reserved1 = gen_bits_mask2(0x0, 0xFFFF);
+ parm[0].in.reserved2 = gen_bits_mask2(0x0, 0xFFFFFFFF);
+
+ GEN_COPY_PARM;
+ GEN_SET_FNUM(in.file.handle);
+ GEN_CALL(smb2_flush(tree, &parm[i]));
+
+ CHECK_EQUAL(out.reserved);
+
+ return true;
+}
+
#if 0
/*
bool (*handler)(int instance);
int count, success_count;
} gen_ops[] = {
- {"NTCREATEX", handler_ntcreatex},
+ {"CREATE", handler_create},
{"CLOSE", handler_close},
{"READ", handler_read},
{"WRITE", handler_write},
{"LOCK", handler_lock},
+ {"FLUSH", handler_flush},
};
git.samba.org / kai / samba.git / commitdiff