[SCM] Samba Shared Repository - branch master updated

Richard Sharpe sharpe at samba.org
Mon Apr 1 23:29:02 MDT 2013 

The branch, master has been updated
       via  5530cc4 Fix bad SMB2 opcode reading in server.
      from  7fd926f Make sure that we only propogate the INHERITED flag when we are allowed to.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 5530cc4816534d64d50403c266616633db8202cc
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Apr 1 20:11:26 2013 -0700

    Fix bad SMB2 opcode reading in server.
    
    SMB2 opcodes are 16-bit values. We should *never*
    be reading them with IVAL(inhdr, SMB2_HDR_OPCODE),
    it should always be SVAL(inhdr, SMB2_HDR_OPCODE).
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Richard Sharpe <realrichardsharpe at gmail.com>
    
    Autobuild-User(master): Richard Sharpe <sharpe at samba.org>
    Autobuild-Date(master): Tue Apr  2 07:28:48 CEST 2013 on sn-devel-104

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/smb2_server.c |   10 +++++-----
 1 files changed, 5 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index f486236..eb7059e 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -632,7 +632,7 @@ static bool smb2_validate_message_id(struct smbd_server_connection *sconn,
 				const uint8_t *inhdr)
 {
 	uint64_t message_id = BVAL(inhdr, SMB2_HDR_MESSAGE_ID);
-	uint16_t opcode = IVAL(inhdr, SMB2_HDR_OPCODE);
+	uint16_t opcode = SVAL(inhdr, SMB2_HDR_OPCODE);
 	uint16_t credit_charge = 1;
 	uint64_t i;
 
@@ -1416,7 +1416,7 @@ static void smbd_smb2_request_pending_timer(struct tevent_context *ev,
 
 	DEBUG(10,("smbd_smb2_request_pending_queue: opcode[%s] mid %llu "
 		"going async\n",
-		smb2_opcode_name((uint16_t)IVAL(inhdr, SMB2_HDR_OPCODE)),
+		smb2_opcode_name(SVAL(inhdr, SMB2_HDR_OPCODE)),
 		(unsigned long long)async_id ));
 
 	/*
@@ -1621,7 +1621,7 @@ static NTSTATUS smbd_smb2_request_process_cancel(struct smbd_smb2_request *req)
 		inhdr = SMBD_SMB2_IN_HDR_PTR(cur);
 		DEBUG(10,("smbd_smb2_request_process_cancel: attempting to "
 			"cancel opcode[%s] mid %llu\n",
-			smb2_opcode_name((uint16_t)IVAL(inhdr, SMB2_HDR_OPCODE)),
+			smb2_opcode_name(SVAL(inhdr, SMB2_HDR_OPCODE)),
                         (unsigned long long)found_id ));
 		tevent_req_cancel(cur->subreq);
 	}
@@ -1699,7 +1699,7 @@ static NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req)
 	inhdr = SMBD_SMB2_IN_HDR_PTR(req);
 
 	in_flags = IVAL(inhdr, SMB2_HDR_FLAGS);
-	in_opcode = IVAL(inhdr, SMB2_HDR_OPCODE);
+	in_opcode = SVAL(inhdr, SMB2_HDR_OPCODE);
 	in_session_id = BVAL(inhdr, SMB2_HDR_SESSION_ID);
 
 	if (in_flags & SMB2_HDR_FLAG_CHAINED) {
@@ -1870,7 +1870,7 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
 	/* TODO: verify more things */
 
 	flags = IVAL(inhdr, SMB2_HDR_FLAGS);
-	opcode = IVAL(inhdr, SMB2_HDR_OPCODE);
+	opcode = SVAL(inhdr, SMB2_HDR_OPCODE);
 	mid = BVAL(inhdr, SMB2_HDR_MESSAGE_ID);
 	DEBUG(10,("smbd_smb2_request_dispatch: opcode[%s] mid = %llu\n",
 		smb2_opcode_name(opcode),


-- 
Samba Shared Repository

More information about the samba-cvs mailing list