svn commit: samba r11630 - in branches/SAMBA_4_0/source/lib/stream: .

tridge at samba.org tridge at samba.org
Thu Nov 10 05:12:28 GMT 2005


Author: tridge
Date: 2005-11-10 05:12:28 +0000 (Thu, 10 Nov 2005)
New Revision: 11630

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11630

Log:

another fix for over-reading in the packet code. This time get the
sign of the comparison right :-)


Modified:
   branches/SAMBA_4_0/source/lib/stream/packet.c


Changeset:
Modified: branches/SAMBA_4_0/source/lib/stream/packet.c
===================================================================
--- branches/SAMBA_4_0/source/lib/stream/packet.c	2005-11-10 04:49:02 UTC (rev 11629)
+++ branches/SAMBA_4_0/source/lib/stream/packet.c	2005-11-10 05:12:28 UTC (rev 11630)
@@ -34,7 +34,6 @@
 	packet_full_request_fn_t full_request;
 	packet_error_handler_fn_t error_handler;
 	DATA_BLOB partial;
-	uint32_t initial_read_size;
 	uint32_t num_read;
 	uint32_t initial_read;
 	struct tls_context *tls;
@@ -183,7 +182,8 @@
 			      struct timeval t, void *private)
 {
 	struct packet_context *pc = talloc_get_type(private, struct packet_context);
-	if (pc->num_read != 0 && pc->packet_size >= pc->num_read) {
+	if (pc->num_read != 0 && pc->packet_size != 0 &&
+	    pc->packet_size <= pc->num_read) {
 		packet_recv(pc);
 	}
 }
@@ -196,7 +196,7 @@
 {
 	size_t npending;
 	NTSTATUS status;
-	size_t nread;
+	size_t nread = 0;
 	DATA_BLOB blob;
 
 	if (pc->processing) {
@@ -268,8 +268,16 @@
 
 	pc->num_read += nread;
 
+next_partial:
+	if (pc->partial.length != pc->num_read) {
+		status = data_blob_realloc(pc, &pc->partial, pc->num_read);
+		if (!NT_STATUS_IS_OK(status)) {
+			packet_error(pc, status);
+			return;
+		}
+	}
+
 	/* see if its a full request */
-next_partial:
 	blob = pc->partial;
 	blob.length = pc->num_read;
 	status = pc->full_request(pc->private, blob, &pc->packet_size);



More information about the samba-cvs mailing list