[cifs-protocol] SMB1 Trans2SetPathInfo() FileEndOfFileInformation is not enforcing share modes
Tim Prouty
tim.prouty at isilon.com
Tue Nov 24 16:59:36 MST 2009
Thanks Tom. The question is really about SMB1 Trans2SetPathInfo(). I
was just
referencing ZwSetInformationFile() for some background on the issue.
-Tim
On Nov 24, 2009, at 3:35 PM, Tom Jebo wrote:
> Hi Tim,
>
> Thanks for your ZwSetInformationFile() question. One of our team
> will contact you shortly.
>
> Tom Jebo
> Microsoft Open Specifications Documentation Support
>
> -----Original Message-----
> From: Tim Prouty [mailto:tim.prouty at isilon.com]
> Sent: Tuesday, November 24, 2009 6:07 PM
> To: Interoperability Documentation Help; cifs-protocol at samba.org; pfif at tridgell.net
> Subject: SMB1 Trans2SetPathInfo() FileEndOfFileInformation is not
> enforcing share modes
>
> Hi,
>
> Based on the ZwSetInformationFile() docs
> (http://msdn.microsoft.com/en-us/library/ms804363.aspx) and from my
> testing of smb1 against a win7 share, in order to set
> FileEndOfFileInformation it is necessary that the file is first
> opened with FILE_WRITE_DATA in the access_mask. It then follows
> that a Trans2SetPathInfo for FileEndOfFileInformation should
> implicitly open the file with FILE_WRITE_DATA before either
> truncating or extending the file.
>
> The specific case I'm interested in is the following:
>
> 1. Client1 does a CreateFileAndX() on a non-existant file with a share
> mode of 0 and holds the file open.
>
> 2. Client 2 does a Trans2SetPathInfo() with the level set to
> FileEndOfFileInformation (0x104) as documented in the SNIA CIFS
> spec. As expected NT_STATUS_SHARING_VIOLATION is returned here.
>
> 3. Client 2 does a Trans2SetPathInfo() with the undocumented
> pass-through level that also allows setting the
> FileEndOfFileInformation (1020 / 0x3FC). The client specifies that
> it wants to extend the file size to 100. Interestingly, win7 and
> winXP will return NT_STATUS_SUCCESS and successfully extend the
> length of the file. This operation seems to be circumventing the
> share mode enforcement.
>
> Is #3 actually correct behavior that other servers should implement?
> If so, can the cases where share modes are not enforced be
> enumerated in the documentation?
>
> I have attached a pcap of a client executing these exact steps
> against a win7 server.
>
> Packet 27/28: Step 1
> Packet 29/30: Step 2
> Packet 33-36: Step 3 (and verifies that the file was indeed
> extended) Packet 37/38: Show that share modes should still be
> enforced.
>
> Thanks!
>
> -Tim
More information about the cifs-protocol
mailing list