[jcifs] Domain Corruption Quantified (Win98/ME non-compliance with CIFS std)
Matthew Tippett
matthew.tippett at sympatico.ca
Wed Dec 4 00:22:52 EST 2002
Allen, Michael B (RSCH) wrote:
>
> When the next request comes along, the buffer already has some extra
> data placed into it and so when it parses the data, it puts 'crap' in
> the URL field.
>
>
> Do you mean a domain in the domain enum response is not properly null
> terminated? I'm not sure I understand. What field of what response exactly? Is
> it the name member in the ServerInfo1 structure of NetServerEnum2 response
> that's not null terminated properly? Can you get a -Dlog=ALL if ethereal is not
> picking this up properly?
>
>
No, the Negotiate response.
If you look at the capture in cifs-winme.pcap you can see that in the
negotiate response there is simply no domain. If you capture a response
from a later version of Windows, there is the domain (as per the CIFS
standard).
The NetServerEnum2 request was more of a distraction as it turned out,
the damage had already been done by the Negotiate.
With that extra bit of information, the rest of my previous email
remains true.
Regards,
Matthew
--
Matthew Tippett - matthew.tippett at sympatico.ca - (416) 435-4118
Technology Forum - http://www.technology-forum.org/
Commercial Open Source - http://www.commercialos.org/
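
The failure mode described in this message, as an added example that is not part of the original email and is not jcifs code: a Negotiate response that carries no domain is parsed out of a reused receive buffer. It assumes the data block is an 8-byte challenge key followed by a NUL-terminated OEM domain name and that the server's declared byte count is available; the class name, method names and sample bytes are hypothetical and constructed.

```java
import java.nio.charset.StandardCharsets;

public class NegotiateDomainDemo {
    // Unbounded read: scans for a NUL anywhere in the reused buffer,
    // so it can return bytes left over from an earlier response.
    static String readUnbounded(byte[] buf, int off) {
        int end = off;
        while (end < buf.length && buf[end] != 0) end++;
        return new String(buf, off, end - off, StandardCharsets.US_ASCII);
    }

    // Bounded read: never looks past the byte count the server declared.
    // A response with no domain (byteCount == keyLen) yields "".
    static String readBounded(byte[] buf, int dataOff, int byteCount, int keyLen) {
        int start = dataOff + keyLen;
        int limit = dataOff + byteCount;
        if (byteCount < 0 || keyLen < 0 || limit > buf.length || start > limit)
            throw new IllegalArgumentException("inconsistent lengths");
        int end = start;
        while (end < limit && buf[end] != 0) end++;
        return new String(buf, start, end - start, StandardCharsets.US_ASCII);
    }

    // Helper: copy ASCII sample bytes into the buffer at an offset.
    static void put(byte[] buf, int off, String s) {
        byte[] b = s.getBytes(StandardCharsets.US_ASCII);
        System.arraycopy(b, 0, buf, off, b.length);
    }

    public static void main(String[] args) {
        int keyLen = 8;
        byte[] buf = new byte[64]; // one receive buffer, reused across responses

        // Constructed response 1: key + "OLDDOMAIN" + NUL, byte count 18.
        put(buf, 0, "KKKKKKKKOLDDOMAIN");
        System.out.println("resp1 bounded:   [" + readBounded(buf, 0, 18, keyLen) + "]");

        // Constructed response 2: key only, no domain, byte count 8.
        // Only the first 8 bytes are overwritten; the old domain stays behind.
        put(buf, 0, "kkkkkkkk");
        System.out.println("resp2 unbounded: [" + readUnbounded(buf, keyLen) + "]");
        System.out.println("resp2 bounded:   [" + readBounded(buf, 0, 8, keyLen) + "]");
    }
}
```

The unbounded read of the second response returns the previous response's domain, while the bounded read returns an empty string because the declared byte count ends at the key.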