smbd: Don't crash in cli_fsctl_send()

If you run "allinfo" on a symlink with NT1, cli_readlink_send sends a
NULL "in" blob. Do the same as smb2cli_ioctl_send() does, just send
NULL/0 in that case and don't crash.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

source3/libsmb/clifile.c

@@ -7243,6 +7243,8 @@ struct tevent_req *cli_fsctl_send(
 	struct tevent_req *req = NULL, *subreq = NULL;
 	struct cli_fsctl_state *state = NULL;
 	uint16_t *setup = NULL;
+	uint8_t *data = NULL;
+	uint32_t num_data = 0;
 
 	req = tevent_req_create(mem_ctx, &state, struct cli_fsctl_state);
 	if (req == NULL) {
@@ -7268,17 +7270,29 @@ struct tevent_req *cli_fsctl_send(
 	SCVAL(setup, 6, 1);	/* IsFcntl */
 	SCVAL(setup, 7, 0);	/* IsFlags */
 
-	subreq = cli_trans_send(
+	if (in) {
-		state, ev, cli,
+		data = in->data;
-		0,		/* additional_flags2 */
+		num_data = in->length;
-		SMBnttrans,	/* cmd */
+	}
-		NULL,		/* name */
+
-		-1, 		/* fid */
+	subreq = cli_trans_send(state,
-		NT_TRANSACT_IOCTL, /* function */
+				ev,
-		0,		   /* flags */
+				cli,
-		setup, 4, 0,	   /* setup */
+				0,		   /* additional_flags2 */
-		NULL, 0, 0,	    /* param */
+				SMBnttrans,	   /* cmd */
-		in->data, in->length, max_out); /* data */
+				NULL,		   /* name */
+				-1,		   /* fid */
+				NT_TRANSACT_IOCTL, /* function */
+				0,		   /* flags */
+				setup,
+				4,
+				0, /* setup */
+				NULL,
+				0,
+				0, /* param */
+				data,
+				num_data,
+				max_out); /* data */
 
 	if (tevent_req_nomem(subreq, req)) {
 		return tevent_req_post(req, ev);