3.3.5.26 Receiving an SMB_COM_WRITE_RAW Request

Upon receipt of an SMB_COM_WRITE_RAW Request (section 2.2.4.25.1) from the client, the server MUST verify that the Server.Capabilities include CAP_RAW_MODE, and that Connection.IsSigningActive is FALSE. If those conditions are met, the server MUST also verify the following:

  • FID MUST be valid.

  • UID MUST be valid, and the user MUST have, at minimum, write permission on the file, named pipe, or device indicated by the FID.

  • DataLength MUST be less than or equal to CountOfBytes.

  • The number of bytes provided in the SMB_Data.Bytes.Data field MUST be equal to DataLength.

If an error is detected when verifying any of the fields listed above (or when performing any other basic validation of the message), the Write Raw operation MUST fail and the server MUST return a Final Server Response, as described in section 2.2.4.25.3, with the Count field set to zero (0x0000).

If the DataOffset field value is less than the offset of SMB_Data.Bytes.Data, or if the DataOffset field value is greater than the offset of the SMB_Data.Bytes.Data + SMB_Parameters.Words.DataLength, the server SHOULD<279> fail the request with STATUS_INVALID_SMB.

If the server has no resources available to process the Raw Mode portion of the command (implementation-dependent), the server MUST fail the command. The server can first write the initial data provided in the request. Whether or not the initial data is written, the server MUST return a Final Server Response message with a Status of STATUS_SMB_USE_STANDARD (ERRSRV/ERRusestd) and a Count set to the number of bytes written, which can be zero (0x0000).<280>

If the write request was made to a named pipe or I/O device, the following additional rules apply:

  • If the Timeout value is -1 (0xFFFFFFFF, "wait forever") or the server does not implement Timeout processing,<281> then the server SHOULD wait until DataLength bytes have been written to the device before returning a response to the client.

  • If the Timeout value is -2 (0xFFFFFFFE, "default") the server SHOULD wait for the default time-out associated with the named pipe or I/O device.

  • If the Timeout value is zero, the write SHOULD NOT block.

  • Otherwise, the server SHOULD wait to send the response until either DataLength bytes are written to the device or the Timeout in milliseconds elapses. If Timeout is greater than zero and it elapses before DataLength bytes are written, the server SHOULD send a response with an error status indicating that the time-out occurred and SHOULD also include the count of bytes written.

If validation of the request is successful, and there are sufficient resources available to process the request, the server MUST attempt to write the initial data provided in the SMB_COM_WRITE_RAW request.

If the initial write operation succeeds and there is no additional data to be sent (CountOfBytes and DataLength are equal in the request), the server MUST send a Final Server Response indicating success, with the Count field set to the number of bytes that were written (the same as CountOfBytes and DataLength).<282>

If the initial write operation succeeds and additional data is pending (CountOfBytes greater than DataLength), the server MUST send an Interim Server Response as shown in section 2.2.4.25.2. If, however, the initial write operation fails, the server MUST return a Final Server Response. The Final Server Response MUST return a Status value indicating the cause of the error and a Count field set to the number of bytes successfully written. If the Interim Server Response was sent, the client MUST send any additional data in Raw Mode (meaning, the data to be written to the file MUST be written directly to the SMB transport for delivery to the server). The server MUST forward the raw data to the file, named pipe, or device indicated by the FID. The client can send less than the number of bytes expected (CountOfBytes minus DataLength). In that case, the server MUST write only the data sent. The client MUST NOT send more bytes than expected in Raw Mode.

As described above, if an error is detected prior to sending the Interim Server Response, then a Final Server Response MUST be sent to indicate the error and provide the count of the number of bytes successfully written. Once the Interim Server Response has been sent, the setting of the WritethroughMode bit in the WriteMode field of the original request determines whether or not a Final Server Response is sent to complete the Write Raw operation.

  • If WritethroughMode is set, a Final Server Response is expected following the transfer of raw data from the client. The server MUST complete writing the raw data to its final destination (file, named pipe, or device) and then MUST return the Final Server Response, indicating any errors as well as the total number of bytes written.

  • If WritethroughMode is clear, the server can perform write-behind. The Final Server Response MUST NOT be sent, even if an error occurs. The server MUST store the error and return it on the next access to the FID. When the client has completed sending the raw write data, it can continue normal operation.

Raw mode transfers are not supported on connectionless transports.

The interim and final response messages MUST be sent to the client as described in section 3.3.4.1, with the exception that SMB signing is not supported for raw mode commands.

Show: