2 Unix SMB/CIFS implementation.
3 SMB torture tester - scanning functions
4 Copyright (C) Andrew Tridgell 2001
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 #define DATA_SIZE 1024
27 #define PARAM_SIZE 1024
29 /****************************************************************************
30 look for a partial hit
31 ****************************************************************************/
32 static void trans2_check_hit(const char *format, int op, int level, NTSTATUS status)
34 if (NT_STATUS_V(status) == NT_STATUS_V(NT_STATUS_INVALID_LEVEL) ||
35 NT_STATUS_V(status) == NT_STATUS_V(NT_STATUS_NOT_IMPLEMENTED) ||
36 NT_STATUS_V(status) == NT_STATUS_V(NT_STATUS_NOT_SUPPORTED) ||
37 NT_STATUS_V(status) == NT_STATUS_V(NT_STATUS_UNSUCCESSFUL) ||
38 NT_STATUS_V(status) == NT_STATUS_V(NT_STATUS_INVALID_INFO_CLASS)) {
42 printf("possible %s hit op=%3d level=%5d status=%s\n",
43 format, op, level, nt_errstr(status));
47 /****************************************************************************
48 check for existance of a trans2 call
49 ****************************************************************************/
50 static NTSTATUS try_trans2(struct cli_state *cli,
52 char *param, char *data,
53 int param_len, int data_len,
54 unsigned int *rparam_len, unsigned int *rdata_len)
57 char *rparam=NULL, *rdata=NULL;
59 if (!cli_send_trans(cli, SMBtrans2,
61 -1, 0, /* fid, flags */
62 &setup, 1, 0, /* setup, length, max */
63 param, param_len, 2, /* param, length, max */
64 data, data_len, cli->max_xmit /* data, length, max */
66 return cli_nt_error(cli);
69 cli_receive_trans(cli, SMBtrans2,
76 return cli_nt_error(cli);
80 static NTSTATUS try_trans2_len(struct cli_state *cli,
83 char *param, char *data,
84 int param_len, int *data_len,
85 unsigned int *rparam_len, unsigned int *rdata_len)
87 NTSTATUS ret=NT_STATUS_OK;
89 ret = try_trans2(cli, op, param, data, param_len,
90 DATA_SIZE, rparam_len, rdata_len);
92 printf("op=%d level=%d ret=%s\n", op, level, nt_errstr(ret));
94 if (!NT_STATUS_IS_OK(ret)) return ret;
97 while (*data_len < DATA_SIZE) {
98 ret = try_trans2(cli, op, param, data, param_len,
99 *data_len, rparam_len, rdata_len);
100 if (NT_STATUS_IS_OK(ret)) break;
103 if (NT_STATUS_IS_OK(ret)) {
104 printf("found %s level=%d data_len=%d rparam_len=%d rdata_len=%d\n",
105 format, level, *data_len, *rparam_len, *rdata_len);
107 trans2_check_hit(format, op, level, ret);
112 /****************************************************************************
113 check for existance of a trans2 call
114 ****************************************************************************/
115 static bool scan_trans2(struct cli_state *cli, int op, int level,
116 int fnum, int dnum, const char *fname)
120 unsigned int rparam_len, rdata_len;
121 char param[PARAM_SIZE], data[DATA_SIZE];
124 memset(data, 0, sizeof(data));
127 /* try with a info level only */
129 SSVAL(param, 0, level);
130 status = try_trans2_len(cli, "void", op, level, param, data, param_len, &data_len,
131 &rparam_len, &rdata_len);
132 if (NT_STATUS_IS_OK(status)) return True;
134 /* try with a file descriptor */
136 SSVAL(param, 0, fnum);
137 SSVAL(param, 2, level);
139 status = try_trans2_len(cli, "fnum", op, level, param, data, param_len, &data_len,
140 &rparam_len, &rdata_len);
141 if (NT_STATUS_IS_OK(status)) return True;
144 /* try with a notify style */
146 SSVAL(param, 0, dnum);
147 SSVAL(param, 2, dnum);
148 SSVAL(param, 4, level);
149 status = try_trans2_len(cli, "notify", op, level, param, data, param_len, &data_len,
150 &rparam_len, &rdata_len);
151 if (NT_STATUS_IS_OK(status)) return True;
153 /* try with a file name */
155 SSVAL(param, 0, level);
158 param_len += clistr_push(cli, ¶m[6], fname, -1, STR_TERMINATE);
160 status = try_trans2_len(cli, "fname", op, level, param, data, param_len, &data_len,
161 &rparam_len, &rdata_len);
162 if (NT_STATUS_IS_OK(status)) return True;
164 /* try with a new file name */
166 SSVAL(param, 0, level);
169 param_len += clistr_push(cli, ¶m[6], "\\newfile.dat", -1, STR_TERMINATE);
171 status = try_trans2_len(cli, "newfile", op, level, param, data, param_len, &data_len,
172 &rparam_len, &rdata_len);
173 cli_unlink(cli, "\\newfile.dat", aSYSTEM | aHIDDEN);
174 cli_rmdir(cli, "\\newfile.dat");
175 if (NT_STATUS_IS_OK(status)) return True;
178 cli_mkdir(cli, "\\testdir");
180 SSVAL(param, 0, level);
181 param_len += clistr_push(cli, ¶m[2], "\\testdir", -1, STR_TERMINATE);
183 status = try_trans2_len(cli, "dfs", op, level, param, data, param_len, &data_len,
184 &rparam_len, &rdata_len);
185 cli_rmdir(cli, "\\testdir");
186 if (NT_STATUS_IS_OK(status)) return True;
192 bool torture_trans2_scan(int dummy)
194 static struct cli_state *cli;
196 const char *fname = "\\scanner.dat";
199 printf("starting trans2 scan test\n");
201 if (!torture_open_connection(&cli, 0)) {
205 if (!NT_STATUS_IS_OK(cli_open(cli, fname, O_RDWR | O_CREAT | O_TRUNC,
206 DENY_NONE, &fnum))) {
207 printf("open of %s failed\n", fname);
210 if (!NT_STATUS_IS_OK(cli_open(cli, "\\", O_RDONLY, DENY_NONE, &dnum))) {
211 printf("open of \\ failed\n");
215 for (op=OP_MIN; op<=OP_MAX; op++) {
216 printf("Scanning op=%d\n", op);
217 for (level = 0; level <= 50; level++) {
218 scan_trans2(cli, op, level, fnum, dnum, fname);
221 for (level = 0x100; level <= 0x130; level++) {
222 scan_trans2(cli, op, level, fnum, dnum, fname);
225 for (level = 1000; level < 1050; level++) {
226 scan_trans2(cli, op, level, fnum, dnum, fname);
230 torture_close_connection(cli);
232 printf("trans2 scan finished\n");
239 /****************************************************************************
240 look for a partial hit
241 ****************************************************************************/
242 static void nttrans_check_hit(const char *format, int op, int level, NTSTATUS status)
244 if (NT_STATUS_V(status) == NT_STATUS_V(NT_STATUS_INVALID_LEVEL) ||
245 NT_STATUS_V(status) == NT_STATUS_V(NT_STATUS_NOT_IMPLEMENTED) ||
246 NT_STATUS_V(status) == NT_STATUS_V(NT_STATUS_NOT_SUPPORTED) ||
247 NT_STATUS_V(status) == NT_STATUS_V(NT_STATUS_UNSUCCESSFUL) ||
248 NT_STATUS_V(status) == NT_STATUS_V(NT_STATUS_INVALID_INFO_CLASS)) {
252 printf("possible %s hit op=%3d level=%5d status=%s\n",
253 format, op, level, nt_errstr(status));
257 /****************************************************************************
258 check for existance of a nttrans call
259 ****************************************************************************/
260 static NTSTATUS try_nttrans(struct cli_state *cli,
262 char *param, char *data,
263 int param_len, int data_len,
264 unsigned int *rparam_len, unsigned int *rdata_len)
266 char *rparam=NULL, *rdata=NULL;
268 if (!cli_send_nt_trans(cli, op,
271 param, param_len, 2, /* param, length, max */
272 data, data_len, cli->max_xmit /* data, length, max */
274 return cli_nt_error(cli);
277 cli_receive_nt_trans(cli,
284 return cli_nt_error(cli);
288 static NTSTATUS try_nttrans_len(struct cli_state *cli,
291 char *param, char *data,
292 int param_len, int *data_len,
293 unsigned int *rparam_len, unsigned int *rdata_len)
295 NTSTATUS ret=NT_STATUS_OK;
297 ret = try_nttrans(cli, op, param, data, param_len,
298 DATA_SIZE, rparam_len, rdata_len);
300 printf("op=%d level=%d ret=%s\n", op, level, nt_errstr(ret));
302 if (!NT_STATUS_IS_OK(ret)) return ret;
305 while (*data_len < DATA_SIZE) {
306 ret = try_nttrans(cli, op, param, data, param_len,
307 *data_len, rparam_len, rdata_len);
308 if (NT_STATUS_IS_OK(ret)) break;
311 if (NT_STATUS_IS_OK(ret)) {
312 printf("found %s level=%d data_len=%d rparam_len=%d rdata_len=%d\n",
313 format, level, *data_len, *rparam_len, *rdata_len);
315 nttrans_check_hit(format, op, level, ret);
320 /****************************************************************************
321 check for existance of a nttrans call
322 ****************************************************************************/
323 static bool scan_nttrans(struct cli_state *cli, int op, int level,
324 int fnum, int dnum, const char *fname)
328 unsigned int rparam_len, rdata_len;
329 char param[PARAM_SIZE], data[DATA_SIZE];
332 memset(data, 0, sizeof(data));
335 /* try with a info level only */
337 SSVAL(param, 0, level);
338 status = try_nttrans_len(cli, "void", op, level, param, data, param_len, &data_len,
339 &rparam_len, &rdata_len);
340 if (NT_STATUS_IS_OK(status)) return True;
342 /* try with a file descriptor */
344 SSVAL(param, 0, fnum);
345 SSVAL(param, 2, level);
347 status = try_nttrans_len(cli, "fnum", op, level, param, data, param_len, &data_len,
348 &rparam_len, &rdata_len);
349 if (NT_STATUS_IS_OK(status)) return True;
352 /* try with a notify style */
354 SSVAL(param, 0, dnum);
355 SSVAL(param, 2, dnum);
356 SSVAL(param, 4, level);
357 status = try_nttrans_len(cli, "notify", op, level, param, data, param_len, &data_len,
358 &rparam_len, &rdata_len);
359 if (NT_STATUS_IS_OK(status)) return True;
361 /* try with a file name */
363 SSVAL(param, 0, level);
366 param_len += clistr_push(cli, ¶m[6], fname, -1, STR_TERMINATE);
368 status = try_nttrans_len(cli, "fname", op, level, param, data, param_len, &data_len,
369 &rparam_len, &rdata_len);
370 if (NT_STATUS_IS_OK(status)) return True;
372 /* try with a new file name */
374 SSVAL(param, 0, level);
377 param_len += clistr_push(cli, ¶m[6], "\\newfile.dat", -1, STR_TERMINATE);
379 status = try_nttrans_len(cli, "newfile", op, level, param, data, param_len, &data_len,
380 &rparam_len, &rdata_len);
381 cli_unlink(cli, "\\newfile.dat", aSYSTEM | aHIDDEN);
382 cli_rmdir(cli, "\\newfile.dat");
383 if (NT_STATUS_IS_OK(status)) return True;
386 cli_mkdir(cli, "\\testdir");
388 SSVAL(param, 0, level);
389 param_len += clistr_push(cli, ¶m[2], "\\testdir", -1, STR_TERMINATE);
391 status = try_nttrans_len(cli, "dfs", op, level, param, data, param_len, &data_len,
392 &rparam_len, &rdata_len);
393 cli_rmdir(cli, "\\testdir");
394 if (NT_STATUS_IS_OK(status)) return True;
400 bool torture_nttrans_scan(int dummy)
402 static struct cli_state *cli;
404 const char *fname = "\\scanner.dat";
407 printf("starting nttrans scan test\n");
409 if (!torture_open_connection(&cli, 0)) {
413 cli_open(cli, fname, O_RDWR | O_CREAT | O_TRUNC,
415 cli_open(cli, "\\", O_RDONLY, DENY_NONE, &dnum);
417 for (op=OP_MIN; op<=OP_MAX; op++) {
418 printf("Scanning op=%d\n", op);
419 for (level = 0; level <= 50; level++) {
420 scan_nttrans(cli, op, level, fnum, dnum, fname);
423 for (level = 0x100; level <= 0x130; level++) {
424 scan_nttrans(cli, op, level, fnum, dnum, fname);
427 for (level = 1000; level < 1050; level++) {
428 scan_nttrans(cli, op, level, fnum, dnum, fname);
432 torture_close_connection(cli);
434 printf("nttrans scan finished\n");
git.samba.org / sfrench / samba-autobuild / .git / blob