[jcifs] Domain Corruption Quantified (Win98/ME
non-compliance with CIFS std)
Allen, Michael B (RSCH)
Michael_B_Allen at ml.com
Wed Dec 4 16:32:33 EST 2002
Ok. Good. Thanks.
> -----Original Message-----
> From: Matthew Tippett [SMTP:matthew.tippett at sympatico.ca]
> Sent: Wednesday, December 04, 2002 12:20 AM
> To: jcifs at lists.samba.org
> Subject: Re: [jcifs] Domain Corruption Quantified (Win98/ME non-compliance with CIFS std)
>
> The behaviour if the buffer area is unused results in the same
> behaviour. Java initialises the byte array as an array of zeros.
> Thus after a negotiate with a Win98/ME box the domain is "".
>
> Having a domain = "" causes no issues for 98/ME, which is why this
> problem hasn't surfaced previously.
>
> Regards,
>
> Matthew
>
> Allen, Michael B (RSCH) wrote:
> > No, the Negotiate response.
> >
> > If you look at the capture in cifs-winme.pcap you can see that in the
> > negotiate response there is simply no domain. If you capture a response
> > from a later version of windows, there is the domain (as per the CIFS
> > standard).
> >
> > The NetServerEnum2 request was more of a distraction as it turned out,
> > the damage had already been done by the Negotiate.
> >
> > With that extra bit of information, the rest of my previous email
> > remains true.
> >
> >
> > I see. This is actually just a bug in jCIFS. If the byteCount is not greater than
> > the 8 byte challenge then we should not try and decode a domain name. This
> > is easily fixed by throwing an if( byteCount > encryptionKeyLength ) ... else
> > oemDomainName = new String() around that domain name decoder in
> > readBytesWireFormat of SmbComNegotiateResponse. The question is -- what
> > will happen when we pass "" as the domain name in the NetSeverEnum2? Can
> > you try it?
> >
> > http://users.erols.com/jcifs/jcifs-0.7.0b9dom.jar
> >
> >
> >
>
> --
> Matthew Tippett - matthew.tippett at sympatico.ca - (416) 435-4118
> Technology Forum - http://www.technology-forum.org/
> Commercial Open Source - http://www.commercialos.org/
>
More information about the jcifs
mailing list