svn commit: samba r24405 - in branches/SAMBA_3_2/source/smbd: .
vlendec at samba.org
vlendec at samba.org
Tue Aug 14 10:27:28 GMT 2007
Author: vlendec
Date: 2007-08-14 10:27:27 +0000 (Tue, 14 Aug 2007)
New Revision: 24405
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=24405
Log:
Check wct in reply_lockingX
Modified:
branches/SAMBA_3_2/source/smbd/reply.c
Changeset:
Modified: branches/SAMBA_3_2/source/smbd/reply.c
===================================================================
--- branches/SAMBA_3_2/source/smbd/reply.c 2007-08-14 10:06:33 UTC (rev 24404)
+++ branches/SAMBA_3_2/source/smbd/reply.c 2007-08-14 10:27:27 UTC (rev 24405)
@@ -5773,23 +5773,34 @@
int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf,
int length, int bufsize)
{
- files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2));
- unsigned char locktype = CVAL(inbuf,smb_vwv3);
- unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1);
- uint16 num_ulocks = SVAL(inbuf,smb_vwv6);
- uint16 num_locks = SVAL(inbuf,smb_vwv7);
+ files_struct *fsp;
+ unsigned char locktype;
+ unsigned char oplocklevel;
+ uint16 num_ulocks;
+ uint16 num_locks;
SMB_BIG_UINT count = 0, offset = 0;
uint32 lock_pid;
- int32 lock_timeout = IVAL(inbuf,smb_vwv4);
+ int32 lock_timeout;
int i;
char *data;
- BOOL large_file_format =
- (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
+ BOOL large_file_format;
BOOL err;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
START_PROFILE(SMBlockingX);
+
+ if (CVAL(inbuf, smb_wct) < 8) {
+ return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ }
+ fsp = file_fsp(SVAL(inbuf,smb_vwv2));
+ locktype = CVAL(inbuf,smb_vwv3);
+ oplocklevel = CVAL(inbuf,smb_vwv3+1);
+ num_ulocks = SVAL(inbuf,smb_vwv6);
+ num_locks = SVAL(inbuf,smb_vwv7);
+ lock_timeout = IVAL(inbuf,smb_vwv4);
+ large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
+
CHECK_FSP(fsp,conn);
data = smb_buf(inbuf);
More information about the samba-cvs
mailing list