[cifs-protocol] [MS-SMB2] Clarification regarding client handling of invalid DataLength of SMB2_ENCRYPTION_CAPABILITIES negotiate context 
philipp.gesang at intra2net.com
Tue Mar 5 07:39:12 UTC 2019
thanks for investigating this.
-<| Quoting Obaid Farooqi <obaidf at microsoft.com>, on Monday, 2019-03-04 04:51:51 PM |>-
> Do you by chance have a network traces of this issue?
Yes but due to confidentiality reasons I can’t share them as
such. If you still have specific questions about those traces, I
will try and answer them.
-<| Quoting Obaid Farooqi <obaidf at microsoft.com>, on Tuesday, 2019-03-05 12:44:35 AM |>-
> The processing of the SMB2_ENCRYPTION_CAPABILITIES is defined
> in section 184.108.40.206 in MS-SMB2.
> As far as the length of the context is concerned in the DataLength
> field, the client performs the following check:
> If DataLength is < size of SMB2_ENCRYPTION_CAPABILITIES
> then return error to the application.
That indeed explains the behavior we observed.
> I'll file a bug against the MS-SMB2 document to add this step
> in the processing steps for negotiate context for
Thank you for the clarification, as far as I am concerned this
resolves the issue.
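
Added example, not part of the original thread and not code from Microsoft or any SMB implementation: a client-side parser for a single SMB2_ENCRYPTION_CAPABILITIES negotiate context that applies the DataLength check quoted above before it reads any field of the context data. The function and status names are hypothetical, the sample byte strings are constructed, and the minimum structure size of 4 bytes (CipherCount plus one cipher ID) and the single-cipher rule for responses are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CTX_HDR_LEN        8       /* ContextType(2) DataLength(2) Reserved(4) */
#define CTX_TYPE_ENC_CAPS  0x0002  /* SMB2_ENCRYPTION_CAPABILITIES */
#define ENC_CAPS_MIN_LEN   4       /* assumption: CipherCount(2) + one cipher ID(2) */

enum parse_status { PARSE_OK = 0, ERR_TRUNCATED, ERR_WRONG_TYPE,
                    ERR_DATALENGTH_TOO_SMALL, ERR_DATALENGTH_OVERRUN,
                    ERR_CIPHER_COUNT };

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Parse one negotiate context; buf/len cover the bytes left in the response.
 * On PARSE_OK, *cipher holds the cipher ID the server selected. */
enum parse_status parse_enc_caps(const uint8_t *buf, size_t len, uint16_t *cipher)
{
    if (len < CTX_HDR_LEN)
        return ERR_TRUNCATED;
    uint16_t data_len = le16(buf + 2);
    if (le16(buf) != CTX_TYPE_ENC_CAPS)
        return ERR_WRONG_TYPE;
    /* The check from the thread: reject before touching the context data. */
    if (data_len < ENC_CAPS_MIN_LEN)
        return ERR_DATALENGTH_TOO_SMALL;
    /* DataLength must also fit inside what was actually received. */
    if (data_len > len - CTX_HDR_LEN)
        return ERR_DATALENGTH_OVERRUN;
    const uint8_t *data = buf + CTX_HDR_LEN;
    uint16_t count = le16(data);
    /* Assumption: a response names exactly one cipher, inside DataLength. */
    if (count != 1 || (size_t)2 + 2u * count > data_len)
        return ERR_CIPHER_COUNT;
    *cipher = le16(data + 2);
    return PARSE_OK;
}

/* Constructed sample contexts (not taken from any trace). */
const uint8_t ctx_good[]  = { 0x02,0x00, 0x04,0x00, 0,0,0,0, 0x01,0x00, 0x02,0x00 };
const uint8_t ctx_short[] = { 0x02,0x00, 0x02,0x00, 0,0,0,0, 0x01,0x00, 0x02,0x00 };
const uint8_t ctx_over[]  = { 0x02,0x00, 0x10,0x00, 0,0,0,0, 0x01,0x00, 0x02,0x00 };

int main(void)
{
    uint16_t c = 0;
    int r = parse_enc_caps(ctx_good, sizeof ctx_good, &c);
    printf("good:  status=%d cipher=0x%04x\n", r, c);
    printf("short: status=%d\n", parse_enc_caps(ctx_short, sizeof ctx_short, &c));
    printf("over:  status=%d\n", parse_enc_caps(ctx_over, sizeof ctx_over, &c));
    return 0;
}
```

The ctx_short sample carries valid-looking data but declares a DataLength of 2, so it is rejected on the length field alone, which matches the failure mode discussed in the thread.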