[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Fri Sep 21 22:09:03 MDT 2012
The branch, master has been updated
via cb157e1 s4:dns.py: reproducer for (bug #9184)
via eacdd9f lib/tsocket: fix receiving of udp packets from 0 bytes (bug #9184)
via cc93a30 libcli/echo: validate the message length
from 83ed9b5 s3:pdb_ldap remove unused function
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit cb157e19cb6e96f319008c7178d04bfe7b30b5b4
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Sep 21 23:06:13 2012 +0200
s4:dns.py: reproducer for (bug #9184)
metze
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Sat Sep 22 06:08:05 CEST 2012 on sn-devel-104
commit eacdd9f730c09bc59e3906e4f2eff6b8b3051169
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Sep 21 22:54:26 2012 +0200
lib/tsocket: fix receiving of udp packets from 0 bytes (bug #9184)
It's possible for a client to send 0 bytes in a UDP packet,
we need still need to call recvfrom() and skip the invalid
packet at a higher level. Otherwise the kernel receive queue
is blocked.
metze
commit cc93a3004e1f7a38e7519ecd124a1ce6a21ffe1c
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Sep 21 22:18:10 2012 +0200
libcli/echo: validate the message length
metze
-----------------------------------------------------------------------
Summary of changes:
lib/tsocket/tsocket_bsd.c | 5 +---
libcli/echo/echo.c | 5 ++++
source4/scripting/python/samba/tests/dns.py | 29 +++++++++++++++++++++++++++
3 files changed, 35 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tsocket/tsocket_bsd.c b/lib/tsocket/tsocket_bsd.c
index 9e80065..d5721b4 100644
--- a/lib/tsocket/tsocket_bsd.c
+++ b/lib/tsocket/tsocket_bsd.c
@@ -876,10 +876,6 @@ static void tdgram_bsd_recvfrom_handler(void *private_data)
bool retry;
ret = tsocket_bsd_pending(bsds->fd);
- if (ret == 0) {
- /* retry later */
- return;
- }
err = tsocket_bsd_error_from_errno(ret, errno, &retry);
if (retry) {
/* retry later */
@@ -889,6 +885,7 @@ static void tdgram_bsd_recvfrom_handler(void *private_data)
return;
}
+ /* note that 'ret' can be 0 here */
state->buf = talloc_array(state, uint8_t, ret);
if (tevent_req_nomem(state->buf, req)) {
return;
diff --git a/libcli/echo/echo.c b/libcli/echo/echo.c
index b6005cb..0f5f7f7 100644
--- a/libcli/echo/echo.c
+++ b/libcli/echo/echo.c
@@ -172,6 +172,11 @@ static void echo_request_done(struct tevent_req *subreq)
return;
}
+ if (len != state->orig_len) {
+ tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+ return;
+ }
+
state->message[len-1] = '\0';
/* Once the async function has completed, set tevent_req_done() */
tevent_req_done(req);
diff --git a/source4/scripting/python/samba/tests/dns.py b/source4/scripting/python/samba/tests/dns.py
index 3eee306..327e166 100644
--- a/source4/scripting/python/samba/tests/dns.py
+++ b/source4/scripting/python/samba/tests/dns.py
@@ -547,6 +547,35 @@ class TestComplexQueries(DNSTest):
self.assertEquals(response.answers[1].rdata,
os.getenv('SERVER_IP'))
+class TestInvalidQueries(DNSTest):
+
+ def test_one_a_query(self):
+ "send 0 bytes follows by create a query packet containing one query record"
+
+ s = None
+ try:
+ s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
+ s.connect((os.getenv('SERVER_IP'), 53))
+ s.send("", 0)
+ finally:
+ if s is not None:
+ s.close()
+
+ p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+ questions = []
+
+ name = "%s.%s" % (os.getenv('SERVER'), self.get_dns_domain())
+ q = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
+ print "asking for ", q.name
+ questions.append(q)
+
+ self.finish_name_packet(p, questions)
+ response = self.dns_transaction_udp(p)
+ self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+ self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+ self.assertEquals(response.ancount, 1)
+ self.assertEquals(response.answers[0].rdata,
+ os.getenv('SERVER_IP'))
if __name__ == "__main__":
import unittest
--
Samba Shared Repository
More information about the samba-cvs
mailing list