Add additional copychunk checks.

For printer, ipc$ connections, and directory handles.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

diff --git a/source3/smbd/smb2_ioctl_network_fs.c b/source3/smbd/smb2_ioctl_network_fs.c
index a59a83b57082e195ec8e0ebed8eb8b71891fcbdd..7fc75076a1b3f78468d73713df736ea725d7c92f 100644 (file)
--- a/source3/smbd/smb2_ioctl_network_fs.c
+++ b/source3/smbd/smb2_ioctl_network_fs.c
@@ -200,6 +200,28 @@ static NTSTATUS copychunk_check_handles(struct files_struct *src_fsp,
                return NT_STATUS_ACCESS_DENIED;
        }
 
+       if (src_fsp->is_directory) {
+               DEBUG(5, ("copy chunk no read on src directory handle (%s).\n",
+                       smb_fname_str_dbg(src_fsp->fsp_name) ));
+               return NT_STATUS_ACCESS_DENIED;
+       }
+
+       if (dst_fsp->is_directory) {
+               DEBUG(5, ("copy chunk no read on dst directory handle (%s).\n",
+                       smb_fname_str_dbg(dst_fsp->fsp_name) ));
+               return NT_STATUS_ACCESS_DENIED;
+       }
+
+       if (IS_IPC(src_fsp->conn) || IS_IPC(dst_fsp->conn)) {
+               DEBUG(5, ("copy chunk no access on IPC$ handle.\n"));
+               return NT_STATUS_ACCESS_DENIED;
+       }
+
+       if (IS_PRINT(src_fsp->conn) || IS_PRINT(dst_fsp->conn)) {
+               DEBUG(5, ("copy chunk no access on PRINT handle.\n"));
+               return NT_STATUS_ACCESS_DENIED;
+       }
+
        return NT_STATUS_OK;
 }