Fix file length not matching file name because of multi-byte UTF-16 (#…

…1859) * Fix file length not matching file name because of multi-byte UTF-16 * Apply suggestions from code review Co-authored-by: alexisbalbachan <[email protected]> --------- Co-authored-by: alexisbalbachan <[email protected]>
fortra · Jan 23, 2025 · 664e025 · 664e025
1 parent ff8d248
commit 664e025
Showing 1 changed file with 9 additions and 6 deletions.
diff --git a/impacket/smb3.py b/impacket/smb3.py
@@ -1172,7 +1172,7 @@ def connectTree(self, share):
 
         treeConnect = SMB2TreeConnect()
         treeConnect['Buffer']     = path.encode('utf-16le')
-        treeConnect['PathLength'] = len(path)*2
+        treeConnect['PathLength'] = len(treeConnect['Buffer'])
 
         packet = self.SMB_PACKET()
         packet['Command'] = SMB2_TREE_CONNECT
@@ -1285,7 +1285,7 @@ def create(self, treeId, fileName, desiredAccess, shareMode, creationOptions, cr
         smb2Create['CreateDisposition']    = creationDisposition
         smb2Create['CreateOptions']        = creationOptions
 
-        smb2Create['NameLength']           = len(fileName)*2
+        smb2Create['NameLength']           = len(fileName.encode('utf-16le'))
         if fileName != '':
             smb2Create['Buffer']           = fileName.encode('utf-16le')
         else:
@@ -1471,8 +1471,9 @@ def queryDirectory(self, treeId, fileId, searchString = '*', resumeIndex = 0, in
         if maxBufferSize is None:
             maxBufferSize = self._Connection['MaxReadSize']
         queryDirectory['OutputBufferLength'] = maxBufferSize
-        queryDirectory['FileNameLength']     = len(searchString)*2
         queryDirectory['Buffer']             = searchString.encode('utf-16le')
+        queryDirectory['FileNameLength']     = len(queryDirectory['Buffer'])
+
 
         packet['Data'] = queryDirectory
 
@@ -1719,8 +1720,9 @@ def rename(self, shareName, oldPath, newPath):
             renameReq = FILE_RENAME_INFORMATION_TYPE_2()
             renameReq['ReplaceIfExists'] = 1
             renameReq['RootDirectory']   = '\x00'*8
-            renameReq['FileNameLength']  = len(newPath)*2
             renameReq['FileName']        = newPath.encode('utf-16le')
+            renameReq['FileNameLength']  = len(renameReq['FileName'])
+
             self.setInfo(treeId, fileId, renameReq, infoType = SMB2_0_INFO_FILE, fileInfoClass = SMB2_FILE_RENAME_INFO)
         finally:
             if fileId is not None:
@@ -1965,9 +1967,10 @@ def waitNamedPipe(self, treeId, pipename, timeout = 5):
 
         pipeWait = FSCTL_PIPE_WAIT_STRUCTURE()
         pipeWait['Timeout']          = timeout*100000
-        pipeWait['NameLength']       = len(pipename)*2
-        pipeWait['TimeoutSpecified'] = 1
         pipeWait['Name']             = pipename.encode('utf-16le')
+        pipeWait['NameLength']       = len(pipeWait['Name'] )
+        pipeWait['TimeoutSpecified'] = 1
+
 
         return self.ioctl(treeId, None, FSCTL_PIPE_WAIT,flags=SMB2_0_IOCTL_IS_FSCTL, inputBlob=pipeWait, maxInputResponse = 0, maxOutputResponse=0)