ndr_process.c revision 33f5ff17089e3a43e6e730bf80384c233123dbd9
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2010 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
* Copyright 2012 Milan Jurik. All rights reserved.
*/
/*
* Network Data Representation (NDR) is a compatible subset of the DCE RPC
* and MSRPC NDR. NDR is used to move parameters consisting of
* complicated trees of data constructs between an RPC client and server.
*/
#include <sys/byteorder.h>
#include <strings.h>
#include <assert.h>
#include <string.h>
#include <stdlib.h>
#include <smbsrv/libmlrpc.h>
#define NDR_STRING_MAX 4096
#define NDR_IS_UNION(T) \
#define NDR_IS_STRING(T) \
extern ndr_typeinfo_t ndt_s_wchar;
/*
* The following synopsis describes the terms TOP-MOST, OUTER and INNER.
*
* Each parameter (call arguments and return values) is a TOP-MOST item.
* A TOP-MOST item consists of one or more OUTER items. An OUTER item
* consists of one or more INNER items. There are important differences
* between each kind, which, primarily, have to do with the allocation
* of memory to contain data structures and the order of processing.
*
* This is most easily demonstrated with a short example.
* Consider these structures:
*
* struct top_param {
* long level;
* struct list * head;
* long count;
* };
*
* struct list {
* struct list * next;
* char * str; // a string
* };
*
* Now, consider an instance tree like this:
*
* +---------+ +-------+ +-------+
* |top_param| +--->|list #1| +--->|list #2|
* +---------+ | +-------+ | +-------+
* | level | | | next ----+ | next --->(NULL)
* | head ----+ | str -->"foo" | str -->"bar"
* | count | | flag | | flag |
* +---------+ +-------+ +-------+
*
* The DCE(MS)/RPC Stub Data encoding for the tree is the following.
* The vertical bars (|) indicate OUTER construct boundaries.
*
* +-----+----------------------+----------------------+-----+-----+-----+
* |level|#1.next #1.str #1.flag|#2.next #2.str #2.flag|"bar"|"foo"|count|
* +-----+----------------------+----------------------+-----+-----+-----+
* level |<----------------------- head -------------------------->|count
* TOP TOP TOP
*
* Here's what to notice:
*
* - The members of the TOP-MOST construct are scattered through the Stub
* Data in the order they occur. This example shows a TOP-MOST construct
* consisting of atomic types (pointers and integers). A construct
* (struct) within the TOP-MOST construct would be contiguous and not
* scattered.
*
* - The members of OUTER constructs are contiguous, which allows for
* non-copied relocated (fixed-up) data structures at the packet's
* destination. We don't do fix-ups here. The pointers within the
* OUTER constructs are processed depth-first in the order that they
* occur. If they were processed breadth first, the sequence would
* be #1,"foo",#2,"bar". This is tricky because OUTER constructs may
* be variable length, and pointers are often encountered before the
* size(s) is known.
*
* - The INNER constructs are simply the members of an OUTER construct.
*
* For comparison, consider how ONC RPC would handle the same tree of
* data. ONC requires very little buffering, while DCE requires enough
* buffer space for the entire message. ONC does atom-by-atom depth-first
* (de)serialization and copy, while DCE allows for constructs to be
* "fixed-up" (relocated) in place at the destination. The packet data
* for the same tree processed by ONC RPC would look like this:
*
* +---------------------------------------------------------------------+
* |level #1.next #2.next #2.str "bar" #2.flag #1.str "foo" #1.flag count|
* +---------------------------------------------------------------------+
* TOP #1 #2 #2 bar #2 #1 foo #1 TOP
*
* More details about each TOP-MOST, OUTER, and INNER constructs appear
* throughout this source file near where such constructs are processed.
*
* NDR_REFERENCE
*
* The primary object for NDR is the ndr_ref_t.
*
* An ndr reference indicates the local datum (i.e. native "C" data
* format), and the element within the Stub Data (contained within the
* RPC PDU (protocol data unit). An ndr reference also indicates,
* largely as a debugging aid, something about the type of the
* ndr reference's are typically allocated on the stack as locals,
* and the chain of ndr-reference.enclosing references is in reverse
* order of the call graph.
*
* The ndr-reference.datum is a pointer to the local memory that
*
* The ndr-reference also contains various parameters to the NDR
* process, such as ndr-reference.size_is, which indicates the size
* of variable length data, or ndr-reference.switch_is, which
* indicates the arm of a union to use.
*
* QUEUE OF OUTER REFERENCES
*
* Some OUTER constructs are variable size. Sometimes (often) we don't
* know the size of the OUTER construct until after pointers have been
* encountered. Hence, we can not begin processing the referent of the
* pointer until after the referring OUTER construct is completely
* Stub Data until we know the size of all its predecessors.
*
* This is managed using the queue of OUTER references. The queue is
* anchored in ndr_stream.outer_queue_head. At any time,
* ndr_stream.outer_queue_tailp indicates where to put the
* ndr-reference for the next encountered pointer.
*
* Refer to the example above as we illustrate the queue here. In these
* illustrations, the queue entries are not the data structures themselves.
* Rather, they are ndr-reference entries which **refer** to the data
* structures in both the PDU and local memory.
*
* During some point in the processing, the queue looks like this:
*
* outer_current -------v
* outer_queue_head --> list#1 --0
* outer_queue_tailp ---------&
*
* When the pointer #1.next is encountered, and entry is added to the
* queue,
*
* outer_current -------v
* outer_queue_head --> list#1 --> list#2 --0
* outer_queue_tailp --------------------&
*
* and the members of #1 continue to be processed, which encounters
* #1.str:
*
* outer_current -------v
* outer_queue_head --> list#1 --> list#2 --> "foo" --0
* outer_queue_tailp ------------------------------&
*
* Upon the completion of list#1, the processing continues by moving to
* ndr_stream.outer_current->next, and the tail is set to this outer member:
*
* outer_current ------------------v
* outer_queue_head --> list#1 --> list#2 --> "foo" --0
* outer_queue_tailp --------------------&
*
* Space for list#2 is allocated, either in the Stub Data or of local
* memory. When #2.next is encountered, it is found to be the null
* pointer and no reference is added to the queue. When #2.str is
* encountered, it is found to be valid, and a reference is added:
*
* outer_current ------------------v
* outer_queue_head --> list#1 --> list#2 --> "bar" --> "foo" --0
* outer_queue_tailp ------------------------------&
*
* Processing continues in a similar fashion with the string "bar",
* which is variable-length. At this point, memory for "bar" may be
* malloc()ed during NDR_M_OP_UNMARSHALL:
*
* outer_current -----------------------------v
* outer_queue_head --> list#1 --> list#2 --> "bar" --> "foo" --0
* outer_queue_tailp ------------------------------&
*
* And finishes on string "foo". Notice that because "bar" is a
* variable length string, and we don't know the PDU offset for "foo"
* until we reach this point.
*
* When the queue is drained (current->next==0), processing continues
* with the next TOP-MOST member.
*
* The queue of OUTER constructs manages the variable-length semantics
* of OUTER constructs and satisfies the depth-first requirement.
* We allow the queue to linger until the entire TOP-MOST structure is
* processed as an aid to debugging.
*/
extern int ndr__ulong(ndr_ref_t *);
/*
* TOP-MOST ELEMENTS
*
* This is fundamentally the first OUTER construct of the parameter,
* possibly followed by more OUTER constructs due to pointers. The
* datum (local memory) for TOP-MOST constructs (structs) is allocated
* by the caller of NDR.
*
* After the element is transferred, the outer_queue is drained.
*
* All we have to do is add an entry to the outer_queue for this
* top-most member, and commence the outer_queue processing.
*/
int
{
return (ndr_topmost(&myref));
}
int
{
return (0);
}
}
int
{
else
return (ndr_topmost(params_ref));
}
int
{
int is_varlen;
int is_string;
int error;
int rc;
unsigned n_fixed;
int params;
switch (params) {
case NDR_F_NONE:
case NDR_F_SWITCH_IS:
return (0);
}
break;
case NDR_F_SIZE_IS:
return (0);
case NDR_F_DIMENSION_IS:
if (is_varlen) {
return (0);
}
break;
case NDR_F_IS_POINTER:
n_fixed = 4;
break;
case NDR_F_IS_REFERENCE:
n_fixed = 0;
break;
default:
return (0);
}
if (!outer_ref)
return (0); /* error already set */
/*
* Hand-craft the first OUTER construct and directly call
* ndr_inner(). Then, run the outer_queue. We do this
* because ndr_outer() wants to malloc() memory for
* the construct, and we already have the memory.
*/
/* move the flags, etc, around again, undoes enter_outer_queue() */
outer_ref->outer_flags = 0;
/* All outer constructs start on a mod4 (longword) boundary */
if (!ndr_outer_align(outer_ref))
return (0); /* error already set */
/* Regardless of what it is, this is where it starts */
if (!rc)
return (0); /* error already set */
/* set-up outer_current, as though run_outer_queue() was doing it */
/* do the topmost member */
if (!rc)
return (0); /* error already set */
/* advance, as though run_outer_queue() was doing it */
return (ndr_run_outer_queue(nds));
}
static ndr_ref_t *
{
/*LINTED E_BAD_PTR_CAST_ALIGN*/
if (!outer_ref) {
return (0);
}
/* move advice in inner_flags to outer_flags */
outer_ref->inner_flags = 0;
return (outer_ref);
}
int
{
while (nds->outer_current) {
return (0);
}
return (1);
}
/*
* OUTER CONSTRUCTS
*
* OUTER constructs are where the real work is, which stems from the
* variable-length potential.
*
* DCE(MS)/RPC VARIABLE LENGTH -- CONFORMANT, VARYING, VARYING/CONFORMANT
*
* DCE(MS)/RPC provides for three forms of variable length: CONFORMANT,
* VARYING, and VARYING/CONFORMANT.
*
* What makes this so tough is that the variable-length array may be well
* encapsulated within the outer construct. Further, because DCE(MS)/RPC
* tries to keep the constructs contiguous in the data stream, the sizing
* information precedes the entire OUTER construct. The sizing information
* must be used at the appropriate time, which can be after many, many,
* many fixed-length elements. During IDL type analysis, we know in
* advance constructs that encapsulate variable-length constructs. So,
* we know when we have a sizing header and when we don't. The actual
* semantics of the header are largely deferred.
*
* Currently, VARYING constructs are not implemented but they are described
* here in case they have to be implemented in the future. Similarly,
* DCE(MS)/RPC provides for multi-dimensional arrays, which are currently
* not implemented. Only one-dimensional, variable-length arrays are
* supported.
*
* CONFORMANT CONSTRUCTS -- VARIABLE LENGTH ARRAYS START THE SHOW
*
* All variable-length values are arrays. These arrays may be embedded
* well within another construct. However, a variable-length construct
* may ONLY appear as the last member of an enclosing construct. Example:
*
* struct credentials {
* ulong uid, gid;
* ulong n_gids;
* [size_is(n_gids)]
* ulong gids[*]; // variable-length.
* };
*
* CONFORMANT constructs have a dynamic size in local memory and in the
* PDU. The CONFORMANT quality is indicated by the [size_is()] advice.
* CONFORMANT constructs have the following header:
*
* struct conformant_header {
* ulong size_is;
* };
*
* (Multi-dimensional CONFORMANT arrays have a similar header for each
* dimension - not implemented).
*
* Example CONFORMANT construct:
*
* struct user {
* char * name;
* struct credentials cred; // see above
* };
*
* Consider the data tree:
*
* +--------+
* | user |
* +--------+
* | name ----> "fred" (the string is a different OUTER)
* | uid |
* | gid |
* | n_gids | for example, 3
* | gids[0]|
* | gids[1]|
* | gids[2]|
* +--------+
*
* The OUTER construct in the Stub Data would be:
*
* +---+---------+---------------------------------------------+
* |pad|size_is=3 name uid gid n_gids=3 gids[0] gids[1] gids[2]|
* +---+---------+---------------------------------------------+
* szing hdr|user |<-------------- user.cred ------------>|
* |<--- fixed-size ---->|<----- conformant ---->|
*
* The ndr_typeinfo for struct user will have:
* pdu_fixed_size_part = 16 four long words (name uid gid n_gids)
* pdu_variable_size_part = 4 per element, sizeof gids[0]
*
* VARYING CONSTRUCTS -- NOT IMPLEMENTED
*
* VARYING constructs have the following header:
*
* struct varying_header {
* ulong first_is;
* ulong length_is;
* };
*
* This indicates which interval of an array is significant.
* Non-intersecting elements of the array are undefined and usually
* zero-filled. The first_is parameter for C arrays is always 0 for
* the first element.
*
* N.B. Constructs may contain one CONFORMANT element, which is always
* last, but may contain many VARYING elements, which can be anywhere.
*
* VARYING CONFORMANT constructs have the sizing headers arranged like
* this:
*
* struct conformant_header all_conformant[N_CONFORMANT_DIM];
* struct varying_header all_varying[N_VARYING_ELEMS_AND_DIMS];
*
* The sizing header is immediately followed by the values for the
* construct. Again, we don't support more than one dimension and
* we don't support VARYING constructs at this time.
*
* A good example of a VARYING/CONFORMANT data structure is the UNIX
* directory entry:
*
* struct dirent {
* ushort reclen;
* ushort namlen;
* ulong inum;
* [size_is(reclen-8) length_is(namlen+1)] // -(2+2+4), +1 for NUL
* uchar name[*];
* };
*
*
* STRINGS ARE A SPECIAL CASE
*
* Strings are handled specially. MS/RPC uses VARYING/CONFORMANT structures
* for strings. This is a simple one-dimensional variable-length array,
* typically with its last element all zeroes. We handle strings with the
* header:
*
* struct string_header {
* ulong size_is;
* ulong first_is; // always 0
* ulong length_is; // always same as size_is
* };
*
* If general support for VARYING and VARYING/CONFORMANT mechanisms is
* implemented, we probably won't need the strings special case.
*/
int
{
int error = NDR_ERR_OUTER_PARAMS_BAD;
int params;
/* All outer constructs start on a mod4 (longword) boundary */
if (!ndr_outer_align(outer_ref))
return (0); /* error already set */
/* Regardless of what it is, this is where it starts */
if (is_union) {
return (0);
}
switch (params) {
case NDR_F_NONE:
if (is_string)
return (ndr_outer_string(outer_ref));
if (is_varlen)
return (ndr_outer_conformant_construct(outer_ref));
return (ndr_outer_fixed(outer_ref));
case NDR_F_SIZE_IS:
case NDR_F_DIMENSION_IS:
if (is_varlen) {
break;
}
if (params & NDR_F_SIZE_IS)
return (ndr_outer_conformant_array(outer_ref));
else
return (ndr_outer_fixed_array(outer_ref));
default:
break;
}
/*
* If we get here, something is wrong. Most likely,
* the params flags do not match.
*/
return (0);
}
int
{
int rc;
unsigned n_hdr;
unsigned n_fixed;
unsigned n_variable;
unsigned n_alloc;
unsigned n_pdu_total;
int params;
/* no header for this */
n_hdr = 0;
/* fixed part -- exactly one of these */
/* variable part -- exactly none of these */
n_variable = 0;
/* sum them up to determine the PDU space required */
/* similar sum to determine how much local memory is required */
if (!rc)
return (rc); /* error already set */
case NDR_M_OP_MARSHALL:
if (!valp) {
return (0);
}
break;
case NDR_M_OP_UNMARSHALL:
if (!valp) {
return (0);
}
break;
default:
return (0);
}
if (!rc)
return (rc); /* error already set */
return (1);
}
int
{
int rc;
unsigned n_hdr;
unsigned n_fixed;
unsigned n_variable;
unsigned n_alloc;
unsigned n_pdu_total;
int params;
/* no header for this */
n_hdr = 0;
/* fixed part -- exactly dimension_is of these */
/* variable part -- exactly none of these */
n_variable = 0;
/* sum them up to determine the PDU space required */
/* similar sum to determine how much local memory is required */
if (!rc)
return (rc); /* error already set */
case NDR_M_OP_MARSHALL:
if (!valp) {
return (0);
}
break;
case NDR_M_OP_UNMARSHALL:
if (!valp) {
return (0);
}
break;
default:
return (0);
}
if (!rc)
return (rc); /* error already set */
return (1);
}
int
{
unsigned long size_is;
int rc;
unsigned n_hdr;
unsigned n_fixed;
unsigned n_variable;
unsigned n_alloc;
unsigned n_pdu_total;
unsigned n_ptr_offset;
int params;
/* conformant header for this */
n_hdr = 4;
/* fixed part -- exactly none of these */
n_fixed = 0;
/* variable part -- exactly size_of of these */
/* notice that it is the **fixed** size of the ti */
/* sum them up to determine the PDU space required */
/* similar sum to determine how much local memory is required */
if (!rc)
return (rc); /* error already set */
case NDR_M_OP_MARSHALL:
if (!rc)
return (0); /* error already set */
if (!valp) {
return (0);
}
n_ptr_offset = 4;
break;
case NDR_M_OP_UNMARSHALL:
if (params & NDR_F_IS_REFERENCE) {
n_ptr_offset = 0;
} else {
/* NDR_F_IS_POINTER */
if (!rc)
return (0); /* error already set */
return (0);
}
n_ptr_offset = 4;
}
if (size_is > 0) {
if (!valp) {
return (0);
}
}
break;
default:
return (0);
}
if (size_is > 0) {
if (!rc)
return (rc); /* error already set */
}
return (1);
}
int
{
unsigned long size_is;
int rc;
unsigned n_hdr;
unsigned n_fixed;
unsigned n_variable;
unsigned n_alloc;
unsigned n_pdu_total;
int params;
/* conformant header for this */
n_hdr = 4;
/* fixed part -- exactly one of these */
/* variable part -- exactly size_of of these */
n_variable = 0; /* 0 for the moment */
/* sum them up to determine the PDU space required */
/* similar sum to determine how much local memory is required */
/* For the moment, grow enough for the fixed-size part */
if (!rc)
return (rc); /* error already set */
case NDR_M_OP_MARSHALL:
/*
* We don't know the size yet. We have to wait for
* it. Proceed with the fixed-size part, and await
* the call to ndr_size_is().
*/
size_is = 0;
if (!rc)
return (0); /* error already set */
if (!valp) {
return (0);
}
break;
case NDR_M_OP_UNMARSHALL:
/*
* We know the size of the variable part because
* of the CONFORMANT header. We will verify
* the header against the [size_is(X)] advice
* later when ndr_size_is() is called.
*/
if (!rc)
return (0); /* error already set */
/* recalculate metrics */
if (!rc)
return (rc); /* error already set */
if (!valp) {
return (0);
}
break;
default:
return (0);
}
if (!rc)
return (rc); /* error already set */
return (0);
}
return (1);
}
int
{
unsigned long size_is;
int rc;
unsigned n_hdr;
unsigned n_fixed;
unsigned n_variable;
unsigned n_pdu_total;
return (0);
}
return (0);
}
/* repeat metrics, see ndr_conformant_construct() above */
n_hdr = 4;
if (!rc)
return (rc); /* error already set */
case NDR_M_OP_MARSHALL:
/*
* We have to set the sizing header and extend
* the size of the PDU (already done).
*/
if (!rc)
return (0); /* error already set */
break;
case NDR_M_OP_UNMARSHALL:
/*
* Allocation done during ndr_conformant_construct().
* All we are doing here is verifying that the
* intended size (ref->size_is) matches the sizing header.
*/
return (0);
}
break;
default:
return (0);
}
return (1);
}
int
{
int rc;
unsigned n_zeroes;
unsigned ix;
unsigned long size_is;
unsigned long first_is;
unsigned long length_is;
unsigned n_hdr;
unsigned n_fixed;
unsigned n_variable;
unsigned n_alloc;
unsigned n_pdu_total;
int params;
/* string header for this: size_is first_is length_is */
n_hdr = 12;
/* fixed part -- exactly none of these */
n_fixed = 0;
return (0); /* error already set */
case NDR_M_OP_MARSHALL:
if (!valp) {
return (0);
}
if (ti == &ndt_s_wchar) {
/*
* size_is is the number of characters in the
* (multibyte) string, including the null.
*/
sizeof (smb_wchar_t);
++size_is;
if (size_is > NDR_STRING_MAX) {
return (0);
}
} else {
n_zeroes = 0;
n_zeroes++;
break;
}
} else {
n_zeroes = 0;
}
}
if (ix >= NDR_STRING_MAX) {
return (0);
}
}
first_is = 0;
else
return (0); /* error already set */
break;
case NDR_M_OP_UNMARSHALL:
return (0); /* error already set */
/*
* In addition to the first_is check, we used to check that
* size_is or size_is-1 was equal to length_is but Windows95
* doesn't conform to this "rule" (see variable part below).
* The srvmgr tool for Windows95 sent the following values
* for a path string:
*
* size_is = 261 (0x105)
* first_is = 0
* length_is = 53 (0x35)
*
* The length_is was correct (for the given path) but the
* size_is was the maximum path length rather than being
* related to length_is.
*/
if (first_is != 0) {
return (0);
}
if (ti == &ndt_s_wchar) {
/*
* Decoding Unicode to UTF-8; we need to allow
* for the maximum possible char size. It would
* be nice to use mbequiv_strlen but the string
* may not be null terminated.
*/
} else {
}
if (!valp) {
return (0);
}
break;
default:
return (0);
}
/*
* Variable part - exactly length_is of these.
*
* Usually, length_is is same as size_is and includes nul.
* Some protocols use length_is = size_is-1, and length_is does
* not include the nul (which is more consistent with DCE spec).
* If the length_is is 0, there is no data following the
* sizing header, regardless of size_is.
*/
/* sum them up to determine the PDU space required */
/* similar sum to determine how much local memory is required */
if (!rc)
return (rc); /* error already set */
if (length_is > 0) {
/*
* Set up size_is and strlen_is for ndr_s_wchar.
*/
}
/*
* Don't try to decode empty strings.
*/
return (1);
}
if (!rc)
return (rc); /* error already set */
}
return (1);
}
int
unsigned long *sizing_p)
{
unsigned long pdu_offset;
int rc;
return (0);
}
case NDR_M_OP_MARSHALL:
return (0);
case NDR_M_OP_UNMARSHALL:
break;
default:
return (0);
}
return (rc);
}
int
unsigned long *sizing_p)
{
unsigned long pdu_offset;
int rc;
return (0);
}
case NDR_M_OP_MARSHALL:
break;
case NDR_M_OP_UNMARSHALL:
return (0);
default:
return (0);
}
return (rc);
}
/*
* All OUTER constructs begin on a mod4 (dword) boundary - except
* for the ones that don't: some MSRPC calls appear to use word or
* packed alignment. Strings appear to be dword aligned.
*/
int
{
int rc;
unsigned n_pad;
unsigned align;
} else {
}
if (n_pad == 0)
return (1); /* already aligned, often the case */
return (0); /* error already set */
case NDR_M_OP_MARSHALL:
if (!rc) {
return (0);
}
break;
case NDR_M_OP_UNMARSHALL:
break;
default:
return (0);
}
return (1);
}
int
{
unsigned long pdu_want_size;
is_ok = 1;
}
case NDR_M_OP_MARSHALL:
if (is_ok)
break;
if (!rc) {
return (0);
}
break;
case NDR_M_OP_UNMARSHALL:
if (is_ok)
break;
return (0);
default:
return (0);
}
return (1);
}
/*
* INNER ELEMENTS
*
* The local datum (arg_ref->datum) already exists, there is no need to
* malloc() it. The datum should point at a member of a structure.
*
* For the most part, ndr_inner() and its helpers are just a sanity
* check. The underlying ti->ndr_func() could be called immediately
* for non-pointer elements. For the sake of robustness, we detect
* run-time errors here. Most of the situations this protects against
* have already been checked by the IDL compiler. This is also a
* common point for processing of all data, and so is a convenient
* place to work from for debugging.
*/
int
{
int error = NDR_ERR_INNER_PARAMS_BAD;
int params;
switch (params) {
case NDR_F_NONE:
if (is_union) {
break;
}
case NDR_F_SIZE_IS:
case NDR_F_DIMENSION_IS:
if (is_varlen) {
break;
}
if (is_union) {
break;
}
if (params & NDR_F_IS_POINTER)
return (ndr_inner_pointer(arg_ref));
else if (params & NDR_F_IS_REFERENCE)
return (ndr_inner_reference(arg_ref));
else
return (ndr_inner_array(arg_ref));
case NDR_F_IS_POINTER: /* type is pointer to one something */
if (is_union) {
break;
}
return (ndr_inner_pointer(arg_ref));
case NDR_F_IS_REFERENCE: /* type is pointer to one something */
if (is_union) {
break;
}
return (ndr_inner_reference(arg_ref));
case NDR_F_SWITCH_IS:
if (!is_union) {
break;
}
default:
break;
}
/*
* If we get here, something is wrong. Most likely,
* the params flags do not match
*/
return (0);
}
int
{
/*LINTED E_BAD_PTR_CAST_ALIGN*/
if (!ndr__ulong(arg_ref))
return (0); /* error */
if (!*valpp)
return (1); /* NULL pointer */
if (!outer_ref)
return (0); /* error already set */
/*
* Move advice in inner_flags to outer_flags.
* Retain pointer flag for conformant arrays.
*/
#ifdef NDR_INNER_PTR_NOT_YET
}
#endif /* NDR_INNER_PTR_NOT_YET */
case NDR_M_OP_MARSHALL:
break;
case NDR_M_OP_UNMARSHALL:
/*
* This is probably wrong if the application allocated
* memory in advance. Indicate no value for now.
* ONC RPC handles this case.
*/
*valpp = 0;
break;
}
return (1); /* pointer dereference scheduled */
}
int
{
/*LINTED E_BAD_PTR_CAST_ALIGN*/
if (!outer_ref)
return (0); /* error already set */
/*
* Move advice in inner_flags to outer_flags.
* Retain reference flag for conformant arrays.
*/
#ifdef NDR_INNER_REF_NOT_YET
}
#endif /* NDR_INNER_REF_NOT_YET */
case NDR_M_OP_MARSHALL:
break;
case NDR_M_OP_UNMARSHALL:
/*
* This is probably wrong if the application allocated
* memory in advance. Indicate no value for now.
* ONC RPC handles this case.
*/
*valpp = 0;
break;
}
return (1); /* pointer dereference scheduled */
}
int
{
unsigned long n_elem;
unsigned long i;
char name[30];
if (!ndr_size_is(encl_ref))
return (0); /* error already set */
} else {
}
myref.packed_alignment = 0;
for (i = 0; i < n_elem; i++) {
return (0);
}
return (1);
}
/*
* BASIC TYPES
*/
1, /* NDR version */ \
NDR_F_NONE, /* flags */ \
SIZE, /* pdu_size_fixed_part */ \
0, /* pdu_size_variable_part */ \
SIZE, /* c_size_fixed_part */ \
0, /* c_size_variable_part */ \
}; \
}
1, /* NDR version */ \
NDR_F_STRING, /* flags */ \
0, /* pdu_size_fixed_part */ \
SIZE, /* pdu_size_variable_part */ \
0, /* c_size_fixed_part */ \
SIZE, /* c_size_variable_part */ \
}; \
}
int ndr_basic_integer(ndr_ref_t *, unsigned);
int
{
int rc;
case NDR_M_OP_MARSHALL:
break;
case NDR_M_OP_UNMARSHALL:
break;
default:
return (0);
}
return (rc);
}
int
{
char *valp;
unsigned long i;
long sense = 0;
char name[30];
myref.packed_alignment = 0;
for (i = 0; i < NDR_STRING_MAX; i++) {
return (0);
switch (size) {
/*LINTED E_BAD_PTR_CAST_ALIGN*/
/*LINTED E_BAD_PTR_CAST_ALIGN*/
}
if (!sense)
break;
}
return (1);
}
1, /* NDR version */
2-1, /* alignment */
NDR_F_STRING, /* flags */
ndr_s_wchar, /* ndr_func */
0, /* pdu_size_fixed_part */
2, /* pdu_size_variable_part */
0, /* c_size_fixed_part */
1, /* c_size_variable_part */
};
/*
* Hand coded wchar function because all strings are transported
* as wide characters. During NDR_M_OP_MARSHALL, we convert from
* multi-byte to wide characters. During NDR_M_OP_UNMARSHALL, we
* convert from wide characters to multi-byte.
*
* It appeared that NT would sometimes leave a spurious character
* in the data stream before the null wide_char, which would get
* included in the string decode because we processed until the
* null character. It now looks like NT does not always terminate
* RPC Unicode strings and the terminating null is a side effect
* of field alignment. So now we rely on the strlen_is (set up in
* ndr_outer_string) of the enclosing reference. This may or may
* not include the null but it doesn't matter, the algorithm will
* get it right.
*/
int
{
unsigned short wide_char;
char *valp;
unsigned long i;
char name[30];
int count;
int char_count = 0;
/*
* To avoid problems with zero length strings
* we can just null terminate here and be done.
*/
return (1);
}
}
myref.packed_alignment = 0;
count = 0;
for (i = 0; i < NDR_STRING_MAX; i++) {
if (count < 0) {
return (0);
} else if (count == 0) {
break;
/*
* If the input char is 0, mbtowc
* returns 0 without setting wide_char.
* Set wide_char to 0 and a count of 1.
*/
count = 1;
}
}
return (0);
*valp = '\0';
break;
}
}
if (!wide_char)
break;
}
return (1);
}
/*
* Converts a multibyte character string to a little-endian, wide-char
* string. No more than nwchars wide characters are stored.
* A terminating null wide character is appended if there is room.
*
* Returns the number of wide characters converted, not counting
* any terminating null wide character. Returns -1 if an invalid
* multibyte character is encountered.
*/
{
int nbytes;
while (nwchars--) {
if (nbytes < 0) {
*wcs = 0;
return ((size_t)-1);
}
if (*mbs == 0)
break;
++wcs;
}
}
/*
* Converts a multibyte character to a little-endian, wide-char, which
* is stored in wcharp. Up to nbytes bytes are examined.
*
* If mbchar is valid, returns the number of bytes processed in mbchar.
* If mbchar is invalid, returns -1. See also smb_mbtowc().
*/
/*ARGSUSED*/
int
{
int rc;
return (rc);
#ifdef _BIG_ENDIAN
#endif
return (rc);
}