svn commit: samba r11752 - in branches/SAMBA_4_0/source/libcli/smb2: .

[tridge at samba.org]

Author: tridge
Date: 2005-11-17 00:48:24 +0000 (Thu, 17 Nov 2005)
New Revision: 11752

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11752

Log:

setup the dynamic pointer for incoming packets too

Modified:
   branches/SAMBA_4_0/source/libcli/smb2/smb2.h
   branches/SAMBA_4_0/source/libcli/smb2/transport.c


Changeset:
Modified: branches/SAMBA_4_0/source/libcli/smb2/smb2.h
===================================================================
--- branches/SAMBA_4_0/source/libcli/smb2/smb2.h	2005-11-17 00:47:50 UTC (rev 11751)
+++ branches/SAMBA_4_0/source/libcli/smb2/smb2.h	2005-11-17 00:48:24 UTC (rev 11752)
@@ -138,7 +138,7 @@
 };
 
 
-#define SMB2_MIN_SIZE 0x40
+#define SMB2_MIN_SIZE 0x42
 
 /* offsets into header elements */
 #define SMB2_HDR_LENGTH  0x04

Modified: branches/SAMBA_4_0/source/libcli/smb2/transport.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/smb2/transport.c	2005-11-17 00:47:50 UTC (rev 11751)
+++ branches/SAMBA_4_0/source/libcli/smb2/transport.c	2005-11-17 00:48:24 UTC (rev 11752)
@@ -148,6 +148,8 @@
 	int len;
 	struct smb2_request *req = NULL;
 	uint64_t seqnum;
+	uint16_t buffer_code;
+	uint32_t dynamic_size;
 
 	buffer = blob.data;
 	len = blob.length;
@@ -183,6 +185,18 @@
 	req->in.body_size = req->in.size - (SMB2_HDR_BODY+NBT_HDR_SIZE);
 	req->status       = NT_STATUS(IVAL(hdr, SMB2_HDR_STATUS));
 
+	buffer_code = SVAL(req->in.body, 0);
+	req->in.dynamic = NULL;
+	dynamic_size = req->in.body_size - (buffer_code & ~1);
+	if (dynamic_size != 0 && (buffer_code & 1)) {
+		req->in.dynamic = req->in.body + (buffer_code & ~1);
+		if (smb2_oob(&req->in, req->in.dynamic, dynamic_size)) {
+			DEBUG(1,("SMB2 request invalid dynamic size 0x%x\n", 
+				 dynamic_size));
+			goto error;
+		}
+	}
+
 	DEBUG(2, ("SMB2 RECV seqnum=0x%llx\n", req->seqnum));
 	dump_data(5, req->in.body, req->in.body_size);