[cifs-protocol] New case: SRX091209600095 Trans2SetPathInfo() returns truncated SMB header

Bill Wesse billwe at microsoft.com
Fri Dec 11 08:19:25 MST 2009

Good morning Tim. There are indeed other cases where WordCount and ByteCount are not sent; I have located several dozen potential SMB response cases where this could occur.

The Technical Document Issue (TDI) I filed yesterday includes this as an issue, along with when a DOSError is returned with the header.Flags2 SMB_FLAGS2_NT_STATUS bit clear in the response when it was set in the request - which is all about where this will be documented - and who will do the detailing. Whether or not WordCount and ByteCount are absent for all DOSError returns is not yet something I can provide an authoritative answer for.

My thinking is that [MS-SMB] (Appendix A: Product Behavior), [MS-CIFS-Preview], and the Microsoft Open Specification Support Team Blog are all viable targets for the information in question.

[MS-CIFS-Preview]: Common Internet File System (CIFS)

[MS-SMB]: Server Message Block (SMB) Protocol Specification

Microsoft Open Specification Support Team Blog

Today, I will be concentrating on the final steps I need to take before filing a TDI against the other case (SRX091124600335 : [MS-SMB] Trans2SetPathInfo() not enforcing share mode).

Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL:  +1(980) 776-8200
CELL: +1(704) 661-5438
FAX:  +1(704) 665-9606

-----Original Message-----
From: Tim Prouty [mailto:tim.prouty at isilon.com] 
Sent: Thursday, December 10, 2009 2:39 PM
To: Bill Wesse
Cc: Jeremy Allison; cifs-protocol at samba.org; pfif at tridgell.net
Subject: Re: New case: SRX091209600095 Trans2SetPathInfo() returns truncated SMB header

On Dec 9, 2009, at 12:31 PM, Bill Wesse wrote:

> This is processed as follows before appearing on the wire:
> If the SrvIsSrvStatus(Status) check passes (which it should, in this  
> case, per the included #defines from cifs.h), the error code is  
> truncated using the SrvErrorClass(Status) macro (also from cifs.h),  
> and the error class is set to SMB_ERR_CLASS_DOS (0x1). The  
> SMB_FLAGS2_NT_STATUS bit is cleared in the response header.Flags2  
> field, and the return context is marked to omit WordCount and  
> ByteCount.

Hmm, I didn't know that there are cases where the WordCount and  
ByteCount are omitted.  Is this the case for all DOS errors?  Is it  
possible to document the cases when they are omitted?  As it is there  
is samba client code that detects an omitted WordCount/ByteCount in  
this situation as an error, so if this is correct server behavior  
we'll need to update the client.

Thank you for your detailed investigation!
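
Added example (not part of the thread, and not Samba or Microsoft code): a client-side SMB1 response check in C that accepts the 32-byte header-only reply discussed above instead of treating it as an error, while still bounds-checking WordCount and ByteCount when they are present. The function, struct and enum names are hypothetical, and restricting the header-only case to error class 0x01 with SMB_FLAGS2_NT_STATUS clear is an assumption, since the thread leaves open which other responses behave this way.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SMB_HDR_LEN          32      /* fixed SMB1 header size */
#define SMB_FLAGS2_NT_STATUS 0x4000  /* Flags2: Status holds an NTSTATUS */
#define SMB_ERR_CLASS_DOS    0x01

enum smb_parse { SMB_MALFORMED = -1, SMB_FULL = 0, SMB_HEADER_ONLY = 1 };

struct smb_resp {                    /* hypothetical result struct */
    uint8_t  command, err_class, word_count;
    uint16_t flags2, err_code, byte_count;
    uint32_t nt_status;
};

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* buf/len: one SMB message with the 4-byte NetBIOS session header removed. */
enum smb_parse smb_parse_response(const uint8_t *buf, size_t len, struct smb_resp *r)
{
    memset(r, 0, sizeof(*r));
    if (len < SMB_HDR_LEN || memcmp(buf, "\xffSMB", 4) != 0)
        return SMB_MALFORMED;
    r->command = buf[4];
    r->flags2  = le16(buf + 10);
    if (r->flags2 & SMB_FLAGS2_NT_STATUS) {
        r->nt_status = (uint32_t)le16(buf + 5) | ((uint32_t)le16(buf + 7) << 16);
    } else {                         /* DOS form: class, reserved, 16-bit code */
        r->err_class = buf[5];
        r->err_code  = le16(buf + 7);
    }
    if (len == SMB_HDR_LEN) {
        /* No WordCount/ByteCount at all: accept only the DOS-error case
         * described in the thread (assumption: class 0x01, NT bit clear). */
        if (!(r->flags2 & SMB_FLAGS2_NT_STATUS) && r->err_class == SMB_ERR_CLASS_DOS)
            return SMB_HEADER_ONLY;
        return SMB_MALFORMED;
    }
    /* Normal body: check every declared length against the bytes received. */
    r->word_count = buf[SMB_HDR_LEN];
    size_t off = SMB_HDR_LEN + 1 + 2 * (size_t)r->word_count;
    if (len < off + 2)
        return SMB_MALFORMED;
    r->byte_count = le16(buf + off);
    if (len - (off + 2) < r->byte_count)
        return SMB_MALFORMED;
    return SMB_FULL;
}
```

A caller treats `SMB_HEADER_ONLY` as a valid error reply and reads only `err_class` and `err_code`; it must not touch parameter or data bytes in that case.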

