I was hoping the vast knowledge of FSD experts could help me out with this one! I have an interop problem relating to handling IRP_MJ_QUERY_SECURITY over a CIFS share.
Using Procmon on the Server (ie. my FSD), I see a STATUS_BUFFER_OVERFLOW, followed by a STATUS_SUCCESS. Using Procmon on the Clients, I see a STATUS_BUFFER_OVERFLOW followed by a STATUS_INVALID_NETWORK_RESPONSE. So somewhere that success is being converted into an invalid network response.
W2K3 and Windows 7 clients to W2K3 servers always fail.
W2K3 clients to W2K8 R2 servers always fail.
Windows 7 clients to W2K8 R2 servers actually succeed.
I saw a post on some forum referencing a security fix and how STATUS_INVALID_NETWORK_RESPONSE could be returned if the network redirector deems the SD structure
http://www.microsoft.com/technet/security/bulletin/MS10-020.mspx?pubDate=2010-04-13
Fix described here: http://old.nabble.com/Microsoft-Security-Bulletin-MS10-020-(KB980232)-vs-OpenAFS-td28686529.html
Here is essentially the meaty code for how we handle IRP_MJ_QUERY_SECURITY: (Fcb->pSecDesc holds the self-relative SD.)
RtlZeroMemory(Irp->UserBuffer, IrpSp->Parameters.QuerySecurity.Length);
ULONG ulUserBufferSize = IrpSp->Parameters.QuerySecurity.Length;
Irp->IoStatus.Status = SeQuerySecurityDescriptorInfo(&IrpSp->Parameters.QuerySecurity.SecurityInformation, (PSECURITY_DESCRIPTOR) Irp->UserBuffer, &ulUserBufferSize, &Fcb->pSecDesc);
if (Irp->IoStatus.Status == STATUS_BUFFER_TOO_SMALL )
{
IrpSp->Parameters.QuerySecurity.SecurityInformation, Irp->UserBuffer, ulUserBufferSize, IrpSp->Parameters.QuerySecurity.Length, Fcb->FullFileName.Buffer);
Irp->IoStatus.Information = ulUserBufferSize;
Status = STATUS_BUFFER_OVERFLOW;
}
So I’m guessing that something in my SD might be invalid according to the redirector, but I can’t imagine what. Or its something completely different. Anyone else seen this? Thanks!