EA name len must be less than 255 according to MS-FSCC ...

Wed Dec 12 21:40:27 MST 2012

Am Dienstag, 11. Dezember 2012, 19:24:06 schrieb Jeremy Allison:
> On Tue, Dec 11, 2012 at 10:20:42AM -0800, Richard Sharpe wrote:
> > On Tue, Dec 11, 2012 at 10:03 AM, Jeremy Allison <jra at samba.org> wrote:
> > > On Tue, Dec 11, 2012 at 10:00:40AM -0800, Richard Sharpe wrote:
> > >> Hi folks,
> > >> 
> > >> according to [MS-FSCC].pdf section 2.4.15 we have:
> > >> 
> > >> ---------------------
> > >> EaNameLength (1 byte): An 8-bit unsigned integer that contains the
> > >> length, in bytes, of the extended attribute name in the EaName field.
> > >> This value MUST NOT include the terminating null character to EaName.
> > >> 
> > >> EaName (variable): An array of 8-bit ASCII characters that contains
> > >> the extended attribute name followed by a single terminating null
> > >> character byte. The EaName MUST be less than 255 characters and MUST
> > >> NOT contain any of the following characters:
> > >> ASCII values 0x00 - 0x1F, \ / : * ? " < > | , + = [ ] ;
> > >> ---------------------
> > >> 
> > >> However, in source3/smbd/trans2.c:fill_ea_buffer we have:
> > >>         for (p = pdata + 4; ea_list; ea_list = ea_list->next) {
> > >>         
> > >>                 size_t dos_namelen;
> > >>                 fstring dos_ea_name;
> > >>                 push_ascii_fstring(dos_ea_name, ea_list->ea.name);
> > >>                 dos_namelen = strlen(dos_ea_name);
> > >>                 if (dos_namelen > 255 || dos_namelen == 0) {
> > >>                 
> > >>                         break;
> > >>                 
> > >>                 }
> > >> 
> > >> The description in FSCC does seem a little confusing, but one possible
> > >> interpretation is that the name, excluding the terminating NULL must
> > >> be less than 255 ASCII chars in length. If that were the case, the
> > >> test above is wrong.
> > > 
> > > Test against Windows.
> > > 
> > >> Does anyone have any examples of long EA names? Is there an easy way
> > >> to set EAs from Windows?
> > > 
> > > There is *no* way from the Win32 layer to create EA's against a
> > > Windows server :-).
> > 
> > Hmmm, that seems not to be quite true:
> > http://www.tech-archive.net/Archive/Development/microsoft.public.win32.pr
> > ogrammer.kernel/2006-05/msg00485.html
> > 
> > There are also other references to the undocumented NTDLL call
> > 
> > NTSetEaFile and this:
> >    http://www.zezula.net/en/fstools/filetest.html
> > 
> > I guess I will give it a try soon.
> 
> I did say Win32 layer :-). NtXXX calls are the Nt system
> call layer below.
> 
> Anyway, I still think network probing using SMB calls is
> a safer way to test - that describes exactly the behavior
> on the wire we need to obey.
> 
> Jeremy.

i wrote a small OS/2 test applet to check for max. EA name length.
 - OS/2
 - windows XP
 - samba3
all allow to set a max. length of 255 chars. (+ terminating zero)

More precise, all 3 don't return an error, when using 255 chars.

BUT - for some reasons i haven't digged down atm samba only
stores (!) EA names with only max. 250 characters!

Samba stores EA names with e.g 248, 249, 250 characters fine - but then
any longer names "are ignored" in some way.

Let's assume an EA name of 250 "a" characters.
That one will be stored.

Now a NEW EA name with 251 "a" characters is passed.
It's ignored - NOT even stored!

When a NEW EA name with 251 "b" characters is now passed,
it will be stored - BUT only 250 chars are stored!

Will dig deeper if time allows.
Btw - i used smbclient's "getea <filename>" to view the stored EAs.

Cheers, Günter

---
Btw - one would assume when passing EA names which only
differ in length (above 250), but use the same char (e.g. "a") for the whole
EA name, are always stored as different names.
This holds true for OS/2 (which i'm able to check) - but samba only
stores ONE EA name - sure, due to the "magic" 250 char limit....