From: Stefan Metzmacher Date: Wed, 16 Apr 2025 13:18:12 +0000 (+0200) Subject: libcli/smb: make smb2_lease_{pull,push} endian safe X-Git-Tag: samba-4.22.1~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=40c8ba32d87da607662bf1dde9aa17f3c91399da;p=thirdparty%2Fsamba.git libcli/smb: make smb2_lease_{pull,push} endian safe smbd_smb2_send_lease_break() is already endian safe, which means we'll get a mismatch on big endian systems, so that smbd_smb2_send_lease_break() sends the lease key in reversed order. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15849 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider Reviewed-by: Björn Jacke Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Thu Apr 17 11:30:58 UTC 2025 on atb-devel-224 (cherry picked from commit 80d5fa134d51b4b2238f775fea0af3d511bf3144) Autobuild-User(v4-22-test): Jule Anger Autobuild-Date(v4-22-test): Thu Apr 17 17:03:35 UTC 2025 on atb-devel-224
---
diff --git a/libcli/smb/smb2_lease.c b/libcli/smb/smb2_lease.c
index 3574fffba32..0fc15e51227 100644
--- a/libcli/smb/smb2_lease.c
+++ b/libcli/smb/smb2_lease.c
@@ -44,7 +44,8 @@ ssize_t smb2_lease_pull(const uint8_t *buf, size_t len,
 return -1;
 }
- memcpy(&lease->lease_key, buf, 16);
+ lease->lease_key.data[0] = PULL_LE_U64(buf, 0);
+ lease->lease_key.data[1] = PULL_LE_U64(buf, 8);
 lease->lease_state = PULL_LE_U32(buf, 16);
 lease->lease_version = version;
@@ -56,7 +57,8 @@ ssize_t smb2_lease_pull(const uint8_t *buf, size_t len,
 lease->lease_duration = PULL_LE_U64(buf, 24);
 lease->lease_flags &= SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET;
 if (lease->lease_flags & SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET) {
- memcpy(&lease->parent_lease_key, buf+32, 16);
+ lease->parent_lease_key.data[0] = PULL_LE_U64(buf, 32);
+ lease->parent_lease_key.data[1] = PULL_LE_U64(buf, 40);
 }
 lease->lease_epoch = PULL_LE_U16(buf, 48);
 break;
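Review bot: Nothing next to the new `PULL_LE_U64(buf, 0)` / `PULL_LE_U64(buf, 8)` lines records that the lease key is now held as two host-order 64-bit words while the wire form is little-endian. A short comment such as `/* wire: two little-endian u64 words; data[] is host order, so never memcpy() the struct to or from a wire buffer */` would warn the next caller that a raw copy of the struct yields a different key on big-endian hosts, which is the mismatch the commit message describes. The same offset pairs (0/8 and 32/40) recur in the second hunk and in smb2_lease_push; a small static pull/push helper pair for the key would keep the four sites in step. smb2_lease_pull starts before this hunk, so the length check that guards these reads is not visible here.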
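Review bot: In the version-2 branch `parent_lease_key` is assigned only when `SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET` is set, and the hunk shows no else branch, while `smb2_lease_push` in the last hunk writes `parent_lease_key` into the buffer for every version-2 lease without testing the flag. If a caller passes a struct that was not zeroed beforehand (the callers are not visible here), stale memory in that field could end up in a marshalled lease. Clearing the field on the other path closes that off: `} else { ZERO_STRUCT(lease->parent_lease_key); }`. The switch this case belongs to begins outside the hunk, so an earlier reset of the struct cannot be ruled out.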
@@ -80,13 +82,15 @@ bool smb2_lease_push(const struct smb2_lease *lease, uint8_t *buf, size_t len)
 return false;
 }
- memcpy(&buf[0], &lease->lease_key, 16);
+ PUSH_LE_U64(buf, 0, lease->lease_key.data[0]);
+ PUSH_LE_U64(buf, 8, lease->lease_key.data[1]);
 PUSH_LE_U32(buf, 16, lease->lease_state);
 PUSH_LE_U32(buf, 20, lease->lease_flags);
 PUSH_LE_U64(buf, 24, lease->lease_duration);
 if (version == 2) {
- memcpy(&buf[32], &lease->parent_lease_key, 16);
+ PUSH_LE_U64(buf, 32, lease->parent_lease_key.data[0]);
+ PUSH_LE_U64(buf, 40, lease->parent_lease_key.data[1]);
 PUSH_LE_U16(buf, 48, lease->lease_epoch);
 PUSH_LE_U16(buf, 50, 0); /* reserved */
 }