svn commit: samba r8003 - in branches/SAMBA_4_0/source/libcli/raw: .
tridge at samba.org
tridge at samba.org
Thu Jun 30 01:34:54 GMT 2005
Author: tridge
Date: 2005-06-30 01:34:53 +0000 (Thu, 30 Jun 2005)
New Revision: 8003
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8003
Log:
ensure that we don't try to send a trans request with more than 64k data or params
Modified:
branches/SAMBA_4_0/source/libcli/raw/rawtrans.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/raw/rawtrans.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/raw/rawtrans.c 2005-06-30 01:26:52 UTC (rev 8002)
+++ branches/SAMBA_4_0/source/libcli/raw/rawtrans.c 2005-06-30 01:34:53 UTC (rev 8003)
@@ -216,6 +216,14 @@
size_t namelen = 0;
uint16_t data_disp, data_length, max_data;
+ if (parms->in.params.length > UINT16_MAX ||
+ parms->in.data.length > UINT16_MAX) {
+ DEBUG(3,("Attempt to send invalid trans2 request (params %u, data %u)\n",
+ parms->in.params.length, parms->in.data.length));
+ return NULL;
+ }
+
+
if (command == SMBtrans)
padding = 1;
else
More information about the samba-cvs
mailing list