>From d6c4092b1a6c10f36c85a376e30346dd2edfc356 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 19 Feb 2014 13:54:44 +0100 Subject: [PATCH 01/17] s3:utils/smbfilter: use a local variable for the packet buffer Signed-off-by: Stefan Metzmacher --- source3/utils/smbfilter.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/utils/smbfilter.c b/source3/utils/smbfilter.c index 33f1a90..734971b 100644 --- a/source3/utils/smbfilter.c +++ b/source3/utils/smbfilter.c @@ -35,7 +35,6 @@ #define CLI_CAPABILITY_SET 0 static char *netbiosname; -static char packet[BUFFER_SIZE]; static void save_file(const char *fname, void *ppacket, size_t length) { @@ -178,6 +177,7 @@ static void filter_child(int c, struct sockaddr_storage *dest_ss) { NTSTATUS status; int s = -1; + uint8_t packet[128*1024]; /* we have a connection from a new client, now connect to the server */ status = open_socket_out(dest_ss, TCP_SMB_PORT, LONG_CONNECT_TIMEOUT, &s); -- 1.7.9.5 >From a134e005ec22bb053b70c500332c1f36f280d4a9 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 19 Feb 2014 13:56:06 +0100 Subject: [PATCH 02/17] s3:torture: use CLI_BUFFER_SIZE instead of BUFFER_SIZE Signed-off-by: Stefan Metzmacher --- source3/torture/torture.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 1f29a70..340f754 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -3087,7 +3087,7 @@ static bool run_randomipc(int dummy) cli_api(cli, param, param_len, 8, - NULL, 0, BUFFER_SIZE, + NULL, 0, CLI_BUFFER_SIZE, &rparam, &rprcnt, &rdata, &rdrcnt); if (i % 100 == 0) { -- 1.7.9.5 >From 4bf15456ce3d7994ca89a704cff7c4785266d991 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 19 Feb 2014 13:57:28 +0100 Subject: [PATCH 03/17] s3:client: only limit the buffer by the given length 'n' Signed-off-by: Stefan Metzmacher --- source3/client/client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/client/client.c b/source3/client/client.c index 5157fc9..9e1f83d 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -226,7 +226,7 @@ static int readfile(uint8_t *b, int n, XFILE *f) return x_fread(b,1,n,f); i = 0; - while (i < (n - 1) && (i < BUFFER_SIZE)) { + while (i < (n - 1)) { if ((c = x_getc(f)) == EOF) { break; } -- 1.7.9.5 >From 157366c107215978e0df21800be13f3ca042ca78 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 19 Feb 2014 13:59:07 +0100 Subject: [PATCH 04/17] s3:param: avoid using BUFFER_SIZE to limit the lp_min_receive_file_size() There's really no reason to add such limit. Signed-off-by: Stefan Metzmacher --- source3/param/loadparm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 2114fa3..0565759 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -5204,7 +5204,7 @@ int lp_min_receive_file_size(void) if (Globals.iminreceivefile < 0) { return 0; } - return MIN(Globals.iminreceivefile, BUFFER_SIZE); + return Globals.iminreceivefile; } /******************************************************************* -- 1.7.9.5 >From d3d9a2e34edee5ece367ed7ab39ce778f6ad2c35 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 6 Dec 2013 13:28:35 +0100 Subject: [PATCH 05/17] libcli/smb: add SMB_BUFFER_SIZE_MIN/MAX defines Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422 Signed-off-by: Stefan Metzmacher --- libcli/smb/smb_constants.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/libcli/smb/smb_constants.h b/libcli/smb/smb_constants.h index 4b24be0..4190e64 100644 --- a/libcli/smb/smb_constants.h +++ b/libcli/smb/smb_constants.h @@ -209,6 +209,14 @@ enum smb_signing_setting { #define NEGOTIATE_SECURITY_SIGNATURES_ENABLED 0x04 #define NEGOTIATE_SECURITY_SIGNATURES_REQUIRED 0x08 +/* + * The negotiated buffer size for non LARGE_READX/WRITEX + * should be limited to uint16_t and has to be at least + * 500, which is the default for MinClientBufferSize on Windows. + */ +#define SMB_BUFFER_SIZE_MIN 500 +#define SMB_BUFFER_SIZE_MAX 65535 + /* Capabilities. see ftp.microsoft.com/developr/drg/cifs/cifs/cifs4.txt */ #define CAP_RAW_MODE 0x00000001 -- 1.7.9.5 >From 257d3d65c55b58b2d6cadee66ff06f3c97f5a5b0 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 6 Dec 2013 13:57:15 +0100 Subject: [PATCH 06/17] s3:include: let CLI_BUFFER_SIZE be an alias of SMB_BUFFER_SIZE_MAX Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422 Signed-off-by: Stefan Metzmacher --- source3/include/client.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/include/client.h b/source3/include/client.h index 35fa2f1..59fb104 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -22,7 +22,7 @@ #ifndef _CLIENT_H #define _CLIENT_H -#define CLI_BUFFER_SIZE (0xFFFF) +#define CLI_BUFFER_SIZE SMB_BUFFER_SIZE_MAX /* default client timeout to 20 seconds on most commands */ #define CLIENT_TIMEOUT (20 * 1000) -- 1.7.9.5 >From e12de6490b2b41e87c2e9b083384da6535de09fc Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 6 Dec 2013 13:45:35 +0100 Subject: [PATCH 07/17] s3:smbd: use SMB_BUFFER_SIZE_MIN/MAX to limit lp_max_xmit() The current limit of 128*1024 causes problems as the value has to be <= UINT16_MAX otherwise some clients get confused, as they want to use the MaxBufferSize value from the negprot response (uint32_t) for the MaxBufferSize value in thet session setup request (uint16_t). E.g. Windows 7 (as client) sends MaxBufferSize = 0 if the server value is > UINT16_MAX. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422 Signed-off-by: Stefan Metzmacher --- source3/smbd/process.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 41b3611..938ee4c 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -3396,6 +3396,7 @@ void smbd_process(struct tevent_context *ev_ctx, const char *remaddr = NULL; char *rhost; int ret; + int tmp; conn = talloc_zero(ev_ctx, struct smbXsrv_connection); if (conn == NULL) { @@ -3692,7 +3693,11 @@ void smbd_process(struct tevent_context *ev_ctx, sconn->nbt.got_session = false; - sconn->smb1.negprot.max_recv = MIN(lp_max_xmit(),BUFFER_SIZE); + tmp = lp_max_xmit(); + tmp = MAX(tmp, SMB_BUFFER_SIZE_MIN); + tmp = MIN(tmp, SMB_BUFFER_SIZE_MAX); + + sconn->smb1.negprot.max_recv = tmp; sconn->smb1.sessions.done_sesssetup = false; sconn->smb1.sessions.max_send = BUFFER_SIZE; -- 1.7.9.5 >From 89cd007222a4efc79c4770be0f2fa58b5c782693 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 6 Dec 2013 13:50:49 +0100 Subject: [PATCH 08/17] s3:smbd: use sconn->smb1.sessions.max_send = SMB_BUFFER_SIZE_MAX SMB_BUFFER_SIZE_MAX is UINT16_MAX and the largest value a client can possibly specify in the session setup request. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422 Signed-off-by: Stefan Metzmacher --- source3/smbd/process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 938ee4c..41ab9fb 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -3700,7 +3700,7 @@ void smbd_process(struct tevent_context *ev_ctx, sconn->smb1.negprot.max_recv = tmp; sconn->smb1.sessions.done_sesssetup = false; - sconn->smb1.sessions.max_send = BUFFER_SIZE; + sconn->smb1.sessions.max_send = SMB_BUFFER_SIZE_MAX; if (!init_dptrs(sconn)) { exit_server("init_dptrs() failed"); -- 1.7.9.5 >From 686be5e21b6294fd021121ad761c5f075d8bbed3 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 6 Dec 2013 13:52:09 +0100 Subject: [PATCH 09/17] s3:smbd: reject a MaxBufferSize < SMB_BUFFER_SIZE_MIN (500) in a session setup request This makes sure sconn->smb1.sessions.max_send is always >= SMB_BUFFER_SIZE_MIN. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422 Signed-off-by: Stefan Metzmacher --- source3/smbd/sesssetup.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 02cb445..4b86a99 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -383,10 +383,13 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req) } if (!sconn->smb1.sessions.done_sesssetup) { - sconn->smb1.sessions.max_send = - MIN(sconn->smb1.sessions.max_send,smb_bufsize); + if (smb_bufsize < SMB_BUFFER_SIZE_MIN) { + reply_force_doserror(req, ERRSRV, ERRerror); + return; + } + sconn->smb1.sessions.max_send = smb_bufsize; + sconn->smb1.sessions.done_sesssetup = true; } - sconn->smb1.sessions.done_sesssetup = true; /* current_user_info is changed on new vuid */ reload_services(sconn, conn_snum_used, true); @@ -1088,10 +1091,14 @@ void reply_sesssetup_and_X(struct smb_request *req) req->vuid = sess_vuid; if (!sconn->smb1.sessions.done_sesssetup) { - sconn->smb1.sessions.max_send = - MIN(sconn->smb1.sessions.max_send,smb_bufsize); + if (smb_bufsize < SMB_BUFFER_SIZE_MIN) { + reply_force_doserror(req, ERRSRV, ERRerror); + END_PROFILE(SMBsesssetupX); + return; + } + sconn->smb1.sessions.max_send = smb_bufsize; + sconn->smb1.sessions.done_sesssetup = true; } - sconn->smb1.sessions.done_sesssetup = true; END_PROFILE(SMBsesssetupX); } -- 1.7.9.5 >From c6ce73e5848ca9c0030eaa3db367c5ab36706e02 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 6 Dec 2013 13:53:45 +0100 Subject: [PATCH 10/17] s3:smbd: take less than SMB_BUFFER_SIZE_MIN ('500') as header overhead in ipc.c We're now sure that sconn->smb1.sessions.max_send is >= SMB_BUFFER_SIZE_MIN. in order to garantee some progress we need to make sure our assumed header overhead is less than SMB_BUFFER_SIZE_MIN. Assuming 372 bytes for the SMBtrans headers should still be more than enough. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422 Signed-off-by: Stefan Metzmacher --- source3/smbd/ipc.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index 91d5047..dbb259c 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -109,12 +109,14 @@ void send_trans_reply(connection_struct *conn, int lparam = rparam ? rparam_len : 0; struct smbd_server_connection *sconn = req->sconn; int max_send = sconn->smb1.sessions.max_send; + /* HACK: make sure we send at least 128 byte in one go */ + int hdr_overhead = SMB_BUFFER_SIZE_MIN - 128; if (buffer_too_large) DEBUG(5,("send_trans_reply: buffer %d too large\n", ldata )); - this_lparam = MIN(lparam,max_send - 500); /* hack */ - this_ldata = MIN(ldata,max_send - (500+this_lparam)); + this_lparam = MIN(lparam,max_send - hdr_overhead); + this_ldata = MIN(ldata,max_send - (hdr_overhead+this_lparam)); align = ((this_lparam)%4); @@ -163,9 +165,9 @@ void send_trans_reply(connection_struct *conn, while (tot_data_sent < ldata || tot_param_sent < lparam) { this_lparam = MIN(lparam-tot_param_sent, - max_send - 500); /* hack */ + max_send - hdr_overhead); this_ldata = MIN(ldata -tot_data_sent, - max_send - (500+this_lparam)); + max_send - (hdr_overhead+this_lparam)); if(this_lparam < 0) this_lparam = 0; -- 1.7.9.5 >From 23bee173df7fb6130832c77ad6b04a5c66bdf6bd Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 4 Mar 2014 14:07:26 +0100 Subject: [PATCH 11/17] s3:smbd: fix lockread numtoread calculation to match reply_outbuf() arguments. Signed-off-by: Stefan Metzmacher --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3f3bbe1..112c9e6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3490,7 +3490,7 @@ void reply_lockread(struct smb_request *req) numtoread = SVAL(req->vwv+1, 0); startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0); - numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread); + numtoread = MIN(BUFFER_SIZE - (smb_size + 5*2 + 3), numtoread); reply_outbuf(req, 5, numtoread + 3); -- 1.7.9.5 >From ac2d81b08c026b352e1f4b63afc13d890667edd1 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 4 Mar 2014 14:07:26 +0100 Subject: [PATCH 12/17] s3:smbd: pass the final numtoread reply_outbuf() for the lockread reply. Signed-off-by: Stefan Metzmacher --- source3/smbd/reply.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 112c9e6..eacb0fb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3492,10 +3492,6 @@ void reply_lockread(struct smb_request *req) numtoread = MIN(BUFFER_SIZE - (smb_size + 5*2 + 3), numtoread); - reply_outbuf(req, 5, numtoread + 3); - - data = smb_buf(req->outbuf) + 3; - /* * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+ * protocol request that predates the read/write lock concept. @@ -3534,6 +3530,11 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", (unsigned int)sconn->smb1.negprot.max_recv)); numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv); } + + reply_outbuf(req, 5, numtoread + 3); + + data = smb_buf(req->outbuf) + 3; + nread = read_file(fsp,data,startpos,numtoread); if (nread < 0) { -- 1.7.9.5 >From 76606c3633c8689504c15258768940051b713988 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 4 Mar 2014 14:07:26 +0100 Subject: [PATCH 13/17] s3:smbd: fix the lockread numtoread calculation depending on the max_send. Signed-off-by: Stefan Metzmacher --- source3/smbd/reply.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index eacb0fb..4ca5f7d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3460,6 +3460,7 @@ void reply_lockread(struct smb_request *req) char *data; off_t startpos; size_t numtoread; + size_t maxtoread; NTSTATUS status; files_struct *fsp; struct byte_range_lock *br_lck = NULL; @@ -3490,14 +3491,12 @@ void reply_lockread(struct smb_request *req) numtoread = SVAL(req->vwv+1, 0); startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0); - numtoread = MIN(BUFFER_SIZE - (smb_size + 5*2 + 3), numtoread); - /* * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+ * protocol request that predates the read/write lock concept. * Thus instead of asking for a read lock here we need to ask * for a write lock. JRA. - * Note that the requested lock size is unaffected by max_recv. + * Note that the requested lock size is unaffected by max_send. */ br_lck = do_lock(req->sconn->msg_ctx, @@ -3520,15 +3519,16 @@ void reply_lockread(struct smb_request *req) } /* - * However the requested READ size IS affected by max_recv. Insanity.... JRA. + * However the requested READ size IS affected by max_send. Insanity.... JRA. */ + maxtoread = sconn->smb1.sessions.max_send - (smb_size + 5*2 + 3); - if (numtoread > sconn->smb1.negprot.max_recv) { - DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \ + if (numtoread > maxtoread) { + DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u/%u). \ Returning short read of maximum allowed for compatibility with Windows 2000.\n", - (unsigned int)numtoread, - (unsigned int)sconn->smb1.negprot.max_recv)); - numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv); + (unsigned int)numtoread, (unsigned int)maxtoread, + (unsigned int)sconn->smb1.sessions.max_send)); + numtoread = maxtoread; } reply_outbuf(req, 5, numtoread + 3); -- 1.7.9.5 >From 475c74996a841d1b974df1f4f75b0de1b1ad1bc6 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 4 Mar 2014 14:07:26 +0100 Subject: [PATCH 14/17] s3:smbd: fix the read numtoread calculation depending on the max_send. Signed-off-by: Stefan Metzmacher --- source3/smbd/reply.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4ca5f7d..47413a5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3569,6 +3569,7 @@ void reply_read(struct smb_request *req) { connection_struct *conn = req->conn; size_t numtoread; + size_t maxtoread; ssize_t nread = 0; char *data; off_t startpos; @@ -3601,17 +3602,17 @@ void reply_read(struct smb_request *req) numtoread = SVAL(req->vwv+1, 0); startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0); - numtoread = MIN(BUFFER_SIZE-outsize,numtoread); - /* - * The requested read size cannot be greater than max_recv. JRA. + * The requested read size cannot be greater than max_send. JRA. */ - if (numtoread > sconn->smb1.negprot.max_recv) { - DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \ + maxtoread = sconn->smb1.sessions.max_send - (smb_size + 5*2 + 3); + + if (numtoread > maxtoread) { + DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u/%u). \ Returning short read of maximum allowed for compatibility with Windows 2000.\n", - (unsigned int)numtoread, - (unsigned int)sconn->smb1.negprot.max_recv)); - numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv); + (unsigned int)numtoread, (unsigned int)maxtoread, + (unsigned int)sconn->smb1.sessions.max_send)); + numtoread = maxtoread; } reply_outbuf(req, 5, numtoread+3); -- 1.7.9.5 >From db6afe947546c0744a2a47a8dd69d7d7100f0921 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 5 Mar 2014 14:00:40 +0100 Subject: [PATCH 15/17] s3:smbd: simplify maxentries calculation in reply_search() Using helper variables make it much easier to understand. Signed-off-by: Stefan Metzmacher --- source3/smbd/reply.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 47413a5..79c12d6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1698,11 +1698,10 @@ void reply_search(struct smb_request *req) } } else { unsigned int i; - maxentries = MIN( - maxentries, - ((BUFFER_SIZE - - ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf)) - /DIR_STRUCT_SIZE)); + size_t hdr_size = ((uint8_t *)smb_buf(req->outbuf) + 3 - req->outbuf); + size_t available_space = BUFFER_SIZE - hdr_size; + + maxentries = MIN(maxentries, available_space/DIR_STRUCT_SIZE); DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n", directory,lp_dont_descend(ctx, SNUM(conn)))); -- 1.7.9.5 >From 937164a235cc85765a089b1f7c6c8aaaa4a12b89 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 5 Mar 2014 14:03:42 +0100 Subject: [PATCH 16/17] s3:smbd: fix the maxentries calculation depending on the max_send. Signed-off-by: Stefan Metzmacher --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 79c12d6..87a9c60 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1699,7 +1699,7 @@ void reply_search(struct smb_request *req) } else { unsigned int i; size_t hdr_size = ((uint8_t *)smb_buf(req->outbuf) + 3 - req->outbuf); - size_t available_space = BUFFER_SIZE - hdr_size; + size_t available_space = sconn->smb1.sessions.max_send - hdr_size; maxentries = MIN(maxentries, available_space/DIR_STRUCT_SIZE); -- 1.7.9.5 >From 4cd58aad00907271926c419aa4a621420fee6ed7 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 6 Dec 2013 13:56:12 +0100 Subject: [PATCH 17/17] s3:smbd: s/BUFFER_SIZE/LARGE_WRITEX_BUFFER_SIZE Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422 Signed-off-by: Stefan Metzmacher --- source3/include/smb.h | 4 +--- source3/smbd/process.c | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/source3/include/smb.h b/source3/include/smb.h index 1f6813e..aab4ff5 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -32,11 +32,9 @@ /* logged when starting the various Samba daemons */ #define COPYRIGHT_STARTUP_MESSAGE "Copyright Andrew Tridgell and the Samba Team 1992-2014" - -#define BUFFER_SIZE (128*1024) - #define SAFETY_MARGIN 1024 #define LARGE_WRITEX_HDR_SIZE 65 +#define LARGE_WRITEX_BUFFER_SIZE (128*1024) #define NMB_PORT 137 #define DGRAM_PORT 138 diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 41ab9fb..9457000 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -245,7 +245,7 @@ static bool valid_packet_size(size_t len) * of header. Don't print the error if this fits.... JRA. */ - if (len > (BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE)) { + if (len > (LARGE_WRITEX_BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE)) { DEBUG(0,("Invalid packet length! (%lu bytes).\n", (unsigned long)len)); return false; -- 1.7.9.5