zydronium/SMBLibrary
1
0
Fork 0
mirror of https://github.com/TalAloni/SMBLibrary.git synced 2025-08-04 06:51:50 +02:00
Code Issues Projects Releases Packages Wiki Activity

Bugfix: Check share-level write access on the new file name before sending FileRenameInformation to the object store

Browse source
This commit is contained in:
Tal Aloni 2017-08-27 15:18:32 +03:00
parent b4939ff04b
commit 7ef87b3cd6
1 changed files with 14 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
SMBLibrary/Server/SMB2/SetInfoHelper.cs
View file

@ -56,6 +56,20 @@ namespace SMBLibrary.Server.SMB2
return new ErrorResponse(request.CommandName, NTStatus.STATUS_INVALID_PARAMETER);
}
if ((share is FileSystemShare) && (information is FileRenameInformationType2))
{
string newFileName = ((FileRenameInformationType2)information).FileName;
if (!newFileName.StartsWith(@"\"))
{
newFileName = @"\" + newFileName;
}
if (!((FileSystemShare)share).HasWriteAccess(session.SecurityContext, newFileName))
{
state.LogToServer(Severity.Verbose, "SetFileInformation: Rename '{0}{1}' to '{0}{2}' failed. User '{3}' was denied access.", share.Name, openFile.Path, newFileName, session.UserName);
return new ErrorResponse(request.CommandName, NTStatus.STATUS_ACCESS_DENIED);
}
}
NTStatus status = share.FileStore.SetFileInformation(openFile.Handle, information);
if (status != NTStatus.STATUS_SUCCESS)
{