[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2801-g34b56cb

Volker Lendecke vlendec at samba.org
Sun Aug 10 16:17:52 GMT 2008 

The branch, v3-2-test has been updated
       via  34b56cb54e06f9b38d2bb0a626ec7b04030fc4fa (commit)
       via  2abeea64e15f0e8e8c413744de9194bdcedd6f16 (commit)
      from  fc309e41a45079d58c03dc6fb0c35ceb4517f0ae (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit 34b56cb54e06f9b38d2bb0a626ec7b04030fc4fa
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Aug 10 17:53:35 2008 +0200

    fix smb_len calculation for chained requests
    
    I think chain_reply() is one of the most tricky parts of Samba. This recursion
    needs to go away, we need to sequentially walk the chain list.

commit 2abeea64e15f0e8e8c413744de9194bdcedd6f16
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Aug 10 17:37:08 2008 +0200

    Fix andx offset calculation for more than 2 chained requests
    
    Untested code is broken code.... Test follows later, it's quite an intrusive
    change to libsmb/

-----------------------------------------------------------------------

Summary of changes:
 source/smbd/process.c |   16 ++++++++++++----
 1 files changed, 12 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/smbd/process.c b/source/smbd/process.c
index 1c28f68..4989c8f 100644
--- a/source/smbd/process.c
+++ b/source/smbd/process.c
@@ -1636,6 +1636,7 @@ void chain_reply(struct smb_request *req)
 	char *outbuf = (char *)req->outbuf;
 	size_t outsize = smb_len(outbuf) + 4;
 	size_t outsize_padded;
+	size_t padding;
 	size_t ofs, to_move;
 
 	struct smb_request *req2;
@@ -1674,12 +1675,13 @@ void chain_reply(struct smb_request *req)
 	 */
 
 	outsize_padded = (outsize + 3) & ~3;
+	padding = outsize_padded - outsize;
 
 	/*
 	 * remember how much the caller added to the chain, only counting
 	 * stuff after the parameter words
 	 */
-	chain_size += outsize_padded - smb_wct;
+	chain_size += (outsize_padded - smb_wct);
 
 	/*
 	 * work out pointers into the original packets. The
@@ -1787,17 +1789,17 @@ void chain_reply(struct smb_request *req)
 	SCVAL(outbuf, smb_vwv0, smb_com2);
 	SSVAL(outbuf, smb_vwv1, chain_size + smb_wct - 4);
 
-	if (outsize_padded > outsize) {
+	if (padding != 0) {
 
 		/*
 		 * Due to padding we have some uninitialized bytes after the
 		 * caller's output
 		 */
 
-		memset(outbuf + outsize, 0, outsize_padded - outsize);
+		memset(outbuf + outsize, 0, padding);
 	}
 
-	smb_setlen(outbuf, outsize2 + chain_size - 4);
+	smb_setlen(outbuf, outsize2 + caller_outputlen + padding - 4);
 
 	/*
 	 * restore the saved data, being careful not to overwrite any data
@@ -1808,6 +1810,12 @@ void chain_reply(struct smb_request *req)
 	SAFE_FREE(caller_output);
 	TALLOC_FREE(req2);
 
+	/*
+	 * Reset the chain_size for our caller's offset calculations
+	 */
+
+	chain_size -= (outsize_padded - smb_wct);
+
 	return;
 }
 


-- 
Samba Shared Repository

More information about the samba-cvs mailing list