1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
samba-mirror/source3/rpcclient/cmd_spotlight.c
Günther Deschner 0e1695df7f Fix gcc11 compiler issue "-Werror=maybe-uninitialized"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14699

../../source4/dsdb/common/util_links.c: In function ‘ndr_guid_compare’:
../../source4/dsdb/common/util_links.c:38:29: error: ‘v1_data’ may be used uninitialized [-Werror=maybe-uninitialized]
   38 |         struct ldb_val v1 = data_blob_const(v1_data, sizeof(v1_data));
      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../source4/dsdb/common/util_links.c:22:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source4/dsdb/common/util_links.c:37:17: note: ‘v1_data’ declared here
   37 |         uint8_t v1_data[16];
      |                 ^~~~~~~
cc1: all warnings being treated as errors

[1729/3991] Compiling source3/smbd/smbXsrv_open.c
../../libcli/auth/smbencrypt.c: In function ‘decode_wkssvc_join_password_buffer’:
../../libcli/auth/smbencrypt.c:1045:32: error: ‘_confounder’ may be used uninitialized [-Werror=maybe-uninitialized]
 1045 |         DATA_BLOB confounder = data_blob_const(_confounder, 8);
      |                                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../libcli/auth/smbencrypt.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../libcli/auth/smbencrypt.c:1044:17: note: ‘_confounder’ declared here
 1044 |         uint8_t _confounder[8];
      |                 ^~~~~~~~~~~
cc1: all warnings being treated as errors

[2624/3991] Compiling source4/torture/rpc/samr.c
../../source3/rpc_client/cli_samr.c: In function ‘dcerpc_samr_chgpasswd_user2’:
../../source3/rpc_client/cli_samr.c:158:33: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
  158 |         DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
                 from ../../source3/include/includes.h:256,
                 from ../../source3/rpc_client/cli_samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source3/rpc_client/cli_samr.c:152:17: note: ‘old_nt_hash’ declared here
  152 |         uint8_t old_nt_hash[16];
      |                 ^~~~~~~~~~~
../../source3/rpc_client/cli_samr.c: In function ‘dcerpc_samr_chgpasswd_user3’:
../../source3/rpc_client/cli_samr.c:365:33: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
  365 |         DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
                 from ../../source3/include/includes.h:256,
                 from ../../source3/rpc_client/cli_samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source3/rpc_client/cli_samr.c:358:17: note: ‘old_nt_hash’ declared here
  358 |         uint8_t old_nt_hash[16];
      |                 ^~~~~~~~~~~
cc1: all warnings being treated as errors

[3399/3991] Compiling source3/rpcclient/cmd_spotlight.c
../../source3/smbd/smbXsrv_open.c: In function ‘smbXsrv_open_set_replay_cache’:
../../source3/smbd/smbXsrv_open.c:936:26: error: ‘data’ may be used uninitialized [-Werror=maybe-uninitialized]
  936 |         DATA_BLOB blob = data_blob_const(data, ARRAY_SIZE(data));
      |                          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
                 from ../../source3/include/includes.h:256,
                 from ../../source3/smbd/smbXsrv_open.c:21:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source3/smbd/smbXsrv_open.c:935:17: note: ‘data’ declared here
  935 |         uint8_t data[SMBXSRV_OPEN_REPLAY_CACHE_FIXED_SIZE];
      |                 ^~~~
cc1: all warnings being treated as errors

../../source3/rpcclient/cmd_spotlight.c: In function ‘cmd_mdssvc_fetch_properties’:
../../source3/rpcclient/cmd_spotlight.c:60:18: error: ‘share_path’ may be used uninitialized [-Werror=maybe-uninitialized]
   60 |         status = dcerpc_mdssvc_open(b, mem_ctx,
      |                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   61 |                                     &device_id,
      |                                     ~~~~~~~~~~~
   62 |                                     &unkn1,
      |                                     ~~~~~~~
   63 |                                     &unkn2,
      |                                     ~~~~~~~
   64 |                                     argv[2],
      |                                     ~~~~~~~~
   65 |                                     argv[1],
      |                                     ~~~~~~~~
   66 |                                     share_path,
      |                                     ~~~~~~~~~~~
   67 |                                     &share_handle);
      |                                     ~~~~~~~~~~~~~~
In file included from ../../source3/rpcclient/cmd_spotlight.c:24:
source3/../librpc/gen_ndr/ndr_mdssvc_c.h:26:10: note: by argument 8 of type ‘const char *’ to ‘dcerpc_mdssvc_open’ declared here
   26 | NTSTATUS dcerpc_mdssvc_open(struct dcerpc_binding_handle *h,
      |          ^~~~~~~~~~~~~~~~~~
../../source3/rpcclient/cmd_spotlight.c:40:14: note: ‘share_path’ declared here
   40 |         char share_path[1025];
      |              ^~~~~~~~~~
cc1: all warnings being treated as errors

../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser2’:
../../source4/torture/rpc/samr.c:2266:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
 2266 |                 = data_blob_const(old_nt_hash, sizeof(old_nt_hash));
      |                   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2263:17: note: ‘old_nt_hash’ declared here
 2263 |         uint8_t old_nt_hash[16], new_nt_hash[16];
      |                 ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser2_ntstatus’:
../../source4/torture/rpc/samr.c:2371:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
 2371 |                 = data_blob_const(old_nt_hash, sizeof(old_nt_hash));
      |                   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2368:17: note: ‘old_nt_hash’ declared here
 2368 |         uint8_t old_nt_hash[16], new_nt_hash[16];
      |                 ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser3’:
../../source4/torture/rpc/samr.c:2478:38: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
 2478 |         DATA_BLOB old_nt_hash_blob = data_blob_const(old_nt_hash, 16);
      |                                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2473:17: note: ‘old_nt_hash’ declared here
 2473 |         uint8_t old_nt_hash[16], new_nt_hash[16];
      |                 ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordRandomBytes’:
../../source4/torture/rpc/samr.c:2794:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
 2794 |                 = data_blob_const(old_nt_hash,
      |                   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
 2795 |                                   sizeof(old_nt_hash));
      |                                   ~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2792:17: note: ‘old_nt_hash’ declared here
 2792 |         uint8_t old_nt_hash[16], new_nt_hash[16];
      |                 ^~~~~~~~~~~
cc1: all warnings being treated as errors

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2021-05-07 06:23:32 +00:00

461 lines
10 KiB
C

/*
Unix SMB/CIFS implementation.
RPC Spotlight client
Copyright (C) Ralph Boehme 2018
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#include "rpcclient.h"
#include "libsmb/libsmb.h"
#include "../librpc/gen_ndr/ndr_mdssvc_c.h"
#include "../rpc_server/mdssvc/mdssvc.h"
#include "../rpc_server/mdssvc/dalloc.h"
#include "../rpc_server/mdssvc/marshalling.h"
static NTSTATUS cmd_mdssvc_fetch_properties(
struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
struct dcerpc_binding_handle *b = cli->binding_handle;
NTSTATUS status;
uint32_t device_id = 0x2f000045;
uint32_t unkn1 = 23;
uint32_t unkn2 = 0;
struct policy_handle share_handle;
char share_path[1025] = { 0 };
uint32_t mds_status;
uint32_t flags; /* server always returns 0x6b000001 ? */
uint32_t unkn3; /* server always returns 0 ? */
struct mdssvc_blob request_blob;
struct mdssvc_blob response_blob;
ssize_t len;
uint32_t max_fragment_size = 64 * 1024;
DALLOC_CTX *d, *mds_reply;
uint64_t *uint64var;
sl_array_t *array1, *array2;
uint32_t unkn4;
int result;
bool ok;
if (argc != 3) {
printf("Usage: %s SHARENAME MOUNTPATH\n", argv[0]);
return NT_STATUS_OK;
}
status = dcerpc_mdssvc_open(b, mem_ctx,
&device_id,
&unkn1,
&unkn2,
argv[2],
argv[1],
share_path,
&share_handle);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
status = dcerpc_mdssvc_unknown1(b, mem_ctx,
&share_handle,
0,
device_id,
unkn1,
0,
geteuid(),
getegid(),
&mds_status,
&flags,
&unkn3);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
d = dalloc_new(mem_ctx);
if (d == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
mds_reply = dalloc_new(mem_ctx);
if (mds_reply == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
array1 = dalloc_zero(d, sl_array_t);
if (array1 == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
array2 = dalloc_zero(d, sl_array_t);
if (array2 == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
result = dalloc_stradd(array2, "fetchPropertiesForContext:");
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
uint64var = talloc_zero_array(mem_ctx, uint64_t, 2);
if (uint64var == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
talloc_set_name(uint64var, "uint64_t *");
result = dalloc_add(array2, &uint64var[0], uint64_t *);
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
result = dalloc_add(array1, array2, sl_array_t);
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
result = dalloc_add(d, array1, sl_array_t);
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
request_blob.spotlight_blob = talloc_array(mem_ctx, uint8_t, max_fragment_size);
if (request_blob.spotlight_blob == NULL) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
request_blob.size = max_fragment_size;
response_blob.spotlight_blob = talloc_array(mem_ctx, uint8_t, max_fragment_size);
if (response_blob.spotlight_blob == NULL) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
response_blob.size = max_fragment_size;
len = sl_pack(d, (char *)request_blob.spotlight_blob, request_blob.size);
if (len == -1) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
request_blob.length = len;
request_blob.size = len;
status = dcerpc_mdssvc_cmd(b, mem_ctx,
&share_handle,
0,
device_id,
23,
0,
0x6b000001,
request_blob,
0,
max_fragment_size,
1,
max_fragment_size,
0,
0,
&mds_status,
&response_blob,
&unkn4);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
ok = sl_unpack(mds_reply, (char *)response_blob.spotlight_blob,
response_blob.length);
if (!ok) {
DEBUG(1, ("error unpacking Spotlight RPC blob\n"));
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
DEBUG(0, ("%s", dalloc_dump(mds_reply, 0)));
done:
return status;
}
static NTSTATUS cmd_mdssvc_fetch_attributes(
struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
struct dcerpc_binding_handle *b = cli->binding_handle;
NTSTATUS status;
uint32_t device_id = 0x2f000045;
uint32_t unkn1 = 23;
uint32_t unkn2 = 0;
struct policy_handle share_handle;
char share_path[1025];
uint32_t mds_status;
uint32_t flags; /* server always returns 0x6b000001 ? */
uint32_t unkn3; /* server always returns 0 ? */
struct mdssvc_blob request_blob;
struct mdssvc_blob response_blob;
ssize_t len;
uint32_t max_fragment_size = 64 * 1024;
DALLOC_CTX *d, *mds_reply;
uint64_t *uint64var;
sl_array_t *array;
sl_array_t *cmd_array;
sl_array_t *attr_array;
sl_cnids_t *cnids;
uint64_t cnid;
uint32_t unkn4;
int result;
bool ok;
if (argc != 4) {
printf("Usage: %s SHARENAME MOUNTPATH CNID\n", argv[0]);
return NT_STATUS_OK;
}
ok = conv_str_u64(argv[3], &cnid);
if (!ok) {
printf("Failed to parse: %s\n", argv[3]);
return NT_STATUS_INVALID_PARAMETER;
}
status = dcerpc_mdssvc_open(b, mem_ctx,
&device_id,
&unkn1,
&unkn2,
argv[2],
argv[1],
share_path,
&share_handle);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
status = dcerpc_mdssvc_unknown1(b, mem_ctx,
&share_handle,
0,
device_id,
unkn1,
0,
geteuid(),
getegid(),
&mds_status,
&flags,
&unkn3);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
d = dalloc_new(mem_ctx);
if (d == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
array = dalloc_zero(d, sl_array_t);
if (array == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
result = dalloc_add(d, array, sl_array_t);
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
cmd_array = dalloc_zero(d, sl_array_t);
if (cmd_array == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
result = dalloc_add(array, cmd_array, sl_array_t);
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
result = dalloc_stradd(cmd_array,
"fetchAttributes:forOIDArray:context:");
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
uint64var = talloc_zero_array(mem_ctx, uint64_t, 2);
if (uint64var == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
talloc_set_name(uint64var, "uint64_t *");
uint64var[0] = 0x500a;
uint64var[1] = 0;
result = dalloc_add(cmd_array, &uint64var[0], uint64_t *);
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
attr_array = dalloc_zero(d, sl_array_t);
if (attr_array == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
result = dalloc_add(array, attr_array, sl_array_t);
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
result = dalloc_stradd(attr_array, "kMDItemPath");
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
/* CNIDs */
cnids = talloc_zero(array, sl_cnids_t);
if (cnids == NULL) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
cnids->ca_cnids = dalloc_new(cnids);
if (cnids->ca_cnids == NULL) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
cnids->ca_unkn1 = 0xadd;
cnids->ca_context = 0x6b000020;
result = dalloc_add_copy(cnids->ca_cnids, &cnid, uint64_t);
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
result = dalloc_add(array, cnids, sl_cnids_t);
if (result != 0) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
request_blob.spotlight_blob = talloc_array(mem_ctx,
uint8_t,
max_fragment_size);
if (request_blob.spotlight_blob == NULL) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
request_blob.size = max_fragment_size;
response_blob.spotlight_blob = talloc_array(mem_ctx,
uint8_t,
max_fragment_size);
if (response_blob.spotlight_blob == NULL) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
response_blob.size = max_fragment_size;
len = sl_pack(d, (char *)request_blob.spotlight_blob, request_blob.size);
if (len == -1) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
request_blob.length = len;
request_blob.size = len;
status = dcerpc_mdssvc_cmd(b, mem_ctx,
&share_handle,
0,
device_id,
23,
0,
0x6b000001,
request_blob,
0,
max_fragment_size,
1,
max_fragment_size,
0,
0,
&mds_status,
&response_blob,
&unkn4);
if (!NT_STATUS_IS_OK(status)) {
printf("dcerpc_mdssvc_cmd failed: %s\n", nt_errstr(status));
goto done;
}
if (response_blob.length == 0) {
printf("mdssvc returned empty response\n");
status = NT_STATUS_RPC_PROTOCOL_ERROR;
goto done;
}
mds_reply = dalloc_new(mem_ctx);
if (mds_reply == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
ok = sl_unpack(mds_reply, (char *)response_blob.spotlight_blob,
response_blob.length);
if (!ok) {
printf("Unpacking Spotlight RPC blob failed\n");
status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
printf("%s", dalloc_dump(mds_reply, 0));
done:
return status;
}
/* List of commands exported by this module */
struct cmd_set spotlight_commands[] = {
{
.name = "MDSSVC"
},
{
.name = "fetch_properties",
.returntype = RPC_RTYPE_NTSTATUS,
.ntfn = cmd_mdssvc_fetch_properties,
.table = &ndr_table_mdssvc,
.description = "Fetch connection properties",
.usage = "",
},
{
.name = "fetch_attributes",
.returntype = RPC_RTYPE_NTSTATUS,
.ntfn = cmd_mdssvc_fetch_attributes,
.table = &ndr_table_mdssvc,
.description = "Fetch attributes for a CNID",
.usage = "",
},
{0}
};