svn commit: samba r24269 - in branches/SAMBA_3_2/source/smbd: .
vlendec at samba.org
vlendec at samba.org
Tue Aug 7 13:12:47 GMT 2007
Author: vlendec
Date: 2007-08-07 13:12:46 +0000 (Tue, 07 Aug 2007)
New Revision: 24269
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=24269
Log:
Check wct in reply_write_and_X
Modified:
branches/SAMBA_3_2/source/smbd/reply.c
Changeset:
Modified: branches/SAMBA_3_2/source/smbd/reply.c
===================================================================
--- branches/SAMBA_3_2/source/smbd/reply.c 2007-08-07 13:10:21 UTC (rev 24268)
+++ branches/SAMBA_3_2/source/smbd/reply.c 2007-08-07 13:12:46 UTC (rev 24269)
@@ -3273,18 +3273,31 @@
int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
{
- files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2));
- SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
- size_t numtowrite = SVAL(inbuf,smb_vwv10);
- BOOL write_through = BITSETW(inbuf+smb_vwv7,0);
- ssize_t nwritten = -1;
- unsigned int smb_doff = SVAL(inbuf,smb_vwv11);
- unsigned int smblen = smb_len(inbuf);
+ files_struct *fsp;
+ SMB_OFF_T startpos;
+ size_t numtowrite;
+ BOOL write_through;
+ ssize_t nwritten;
+ unsigned int smb_doff;
+ unsigned int smblen;
char *data;
- BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF));
+ BOOL large_writeX;
NTSTATUS status;
+
START_PROFILE(SMBwriteX);
+ if ((CVAL(inbuf, smb_wct) != 12) && (CVAL(inbuf, smb_wct) != 14)) {
+ return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ }
+
+ fsp = file_fsp(SVAL(inbuf,smb_vwv2));
+ startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
+ numtowrite = SVAL(inbuf,smb_vwv10);
+ write_through = BITSETW(inbuf+smb_vwv7,0);
+ smb_doff = SVAL(inbuf,smb_vwv11);
+ smblen = smb_len(inbuf);
+ large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF));
+
/* If it's an IPC, pass off the pipe handler. */
if (IS_IPC(conn)) {
END_PROFILE(SMBwriteX);
More information about the samba-cvs
mailing list