[cifs-protocol] SMB1 Trans2SetPathInfo() FileEndOfFileInformation is not enforcing share modes
tim.prouty at isilon.com
Tue Nov 24 16:59:36 MST 2009
Thanks Tom. The question is really about SMB1 Trans2SetPathInfo(). I
referencing ZwSetInformationFile() for some background on the issue.
On Nov 24, 2009, at 3:35 PM, Tom Jebo wrote:
> Hi Tim,
> Thanks for your ZwSetInformationFile() question. One of our team
> will contact you shortly.
> Tom Jebo
> Microsoft Open Specifications Documentation Support
> -----Original Message-----
> From: Tim Prouty [mailto:tim.prouty at isilon.com]
> Sent: Tuesday, November 24, 2009 6:07 PM
> To: Interoperability Documentation Help; cifs-protocol at samba.org; pfif at tridgell.net
> Subject: SMB1 Trans2SetPathInfo() FileEndOfFileInformation is not
> enforcing share modes
> Based on the ZwSetInformationFile() docs
> (http://msdn.microsoft.com/en-us/library/ms804363.aspx) and from my
> testing of smb1 against a win7 share, in order to set
> FileEndOfFileInformation it is necessary that the file is first
> opened with FILE_WRITE_DATA in the access_mask. It then follows
> that a Trans2SetPathInfo for FileEndOfFileInformation should
> implicitly open the file with FILE_WRITE_DATA before either
> truncating or extending the file.
> The specific case I'm interested in is the following:
> 1. Client1 does a CreateFileAndX() on a non-existant file with a share
> mode of 0 and holds the file open.
> 2. Client 2 does a Trans2SetPathInfo() with the level set to
> FileEndOfFileInformation (0x104) as documented in the SNIA CIFS
> spec. As expected NT_STATUS_SHARING_VIOLATION is returned here.
> 3. Client 2 does a Trans2SetPathInfo() with the undocumented
> pass-through level that also allows setting the
> FileEndOfFileInformation (1020 / 0x3FC). The client specifies that
> it wants to extend the file size to 100. Interestingly, win7 and
> winXP will return NT_STATUS_SUCCESS and successfully extend the
> length of the file. This operation seems to be circumventing the
> share mode enforcement.
> Is #3 actually correct behavior that other servers should implement?
> If so, can the cases where share modes are not enforced be
> enumerated in the documentation?
> I have attached a pcap of a client executing these exact steps
> against a win7 server.
> Packet 27/28: Step 1
> Packet 29/30: Step 2
> Packet 33-36: Step 3 (and verifies that the file was indeed
> extended) Packet 37/38: Show that share modes should still be
More information about the cifs-protocol