[SCM] Samba Shared Repository - branch v3-devel updated -
release-3-2-0pre2-4060-gef3c132
Volker Lendecke
vlendec at samba.org
Mon Sep 8 21:59:28 GMT 2008
The branch, v3-devel has been updated
via ef3c132b8455c6fe4d0bb9f0be881040a806a4ed (commit)
from dbe7a61be2beac50d1665e38ac374cefbbabec00 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-devel
- Log -----------------------------------------------------------------
commit ef3c132b8455c6fe4d0bb9f0be881040a806a4ed
Author: Volker Lendecke <vl at sernet.de>
Date: Mon Sep 8 22:53:50 2008 +0200
Fix calculation of useable_space for trans2 and nttrans replies
When alignment was in place, we pretended to send more data/params according to
the param_offset/param_length and data_offset/data_length parameters than would
actually fit into the SMB according to the NBSS length field.
-----------------------------------------------------------------------
Summary of changes:
source/smbd/nttrans.c | 22 ++++++++++------------
source/smbd/trans2.c | 15 +++++++++------
2 files changed, 19 insertions(+), 18 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/smbd/nttrans.c b/source/smbd/nttrans.c
index b695127..567c428 100644
--- a/source/smbd/nttrans.c
+++ b/source/smbd/nttrans.c
@@ -91,14 +91,11 @@ void send_nt_replies(connection_struct *conn,
+ alignment_offset
+ data_alignment_offset);
- /*
- * useable_space can never be more than max_send minus the
- * alignment offset.
- */
-
- useable_space = MIN(useable_space,
- max_send - (alignment_offset+data_alignment_offset));
-
+ if (useable_space < 0) {
+ DEBUG(0, ("send_nt_replies failed sanity useable_space "
+ "= %d!!!", useable_space));
+ exit_server_cleanly("send_nt_replies: srv_send_smb failed.");
+ }
while (params_to_send || data_to_send) {
@@ -106,8 +103,7 @@ void send_nt_replies(connection_struct *conn,
* Calculate whether we will totally or partially fill this packet.
*/
- total_sent_thistime = params_to_send + data_to_send +
- alignment_offset + data_alignment_offset;
+ total_sent_thistime = params_to_send + data_to_send;
/*
* We can never send more than useable_space.
@@ -115,7 +111,9 @@ void send_nt_replies(connection_struct *conn,
total_sent_thistime = MIN(total_sent_thistime, useable_space);
- reply_outbuf(req, 18, total_sent_thistime);
+ reply_outbuf(req, 18,
+ total_sent_thistime + alignment_offset
+ + data_alignment_offset);
/*
* Set total params and data to be sent.
@@ -242,7 +240,7 @@ void send_nt_replies(connection_struct *conn,
if(params_to_send < 0 || data_to_send < 0) {
DEBUG(0,("send_nt_replies failed sanity check pts = %d, dts = %d\n!!!",
params_to_send, data_to_send));
- return;
+ exit_server_cleanly("send_nt_replies: internal error");
}
}
}
diff --git a/source/smbd/trans2.c b/source/smbd/trans2.c
index 8d839b6..3c17533 100644
--- a/source/smbd/trans2.c
+++ b/source/smbd/trans2.c
@@ -744,14 +744,16 @@ void send_trans2_replies(connection_struct *conn,
+ alignment_offset
+ data_alignment_offset);
- /* useable_space can never be more than max_send minus the alignment offset. */
-
- useable_space = MIN(useable_space, max_send - (alignment_offset+data_alignment_offset));
+ if (useable_space < 0) {
+ DEBUG(0, ("send_trans2_replies failed sanity useable_space "
+ "= %d!!!", useable_space));
+ exit_server_cleanly("send_trans2_replies: Not enough space");
+ }
while (params_to_send || data_to_send) {
/* Calculate whether we will totally or partially fill this packet */
- total_sent_thistime = params_to_send + data_to_send + alignment_offset + data_alignment_offset;
+ total_sent_thistime = params_to_send + data_to_send;
/* We can never send more than useable_space */
/*
@@ -761,9 +763,10 @@ void send_trans2_replies(connection_struct *conn,
* are sent here. Fix from Marc_Jacobsen at hp.com.
*/
- total_sent_thistime = MIN(total_sent_thistime, useable_space+ alignment_offset + data_alignment_offset);
+ total_sent_thistime = MIN(total_sent_thistime, useable_space);
- reply_outbuf(req, 10, total_sent_thistime);
+ reply_outbuf(req, 10, total_sent_thistime + alignment_offset
+ + data_alignment_offset);
/* Set total params and data to be sent */
SSVAL(req->outbuf,smb_tprcnt,paramsize);
--
Samba Shared Repository
More information about the samba-cvs
mailing list