Solaris 2.6 and latest NTDOM code

Jeremy Allison jallison at whistle.com
Thu Jun 25 19:51:21 GMT 1998 

Bernie Kirby wrote:

>         Same problem here.
>         core dump in 'get_nb_flags' called from line
> 515 in nmbd_winsserver.c.
> 
>         That is the line
>         nb_flags = get_nb_flags(nmb->additional->rdata);
>         nmb->additional data is Null.
> 
> Could this possibly be due to the preceeding line
>  memcpy((char *)&orig_reg_packet, userdata->data, sizeof(struct
> packet_struct *));
> 
> Where it's only copying the size of a pointer and not the size of a
> packet_struct?
> 

No that's actually correct. It is copying a pointer to
a 'locked' packet (which is why it does a unlock and
then free_packet at the end of the call).

>         nmb->additional data is Null.

This looks like memory corruption problems.
In the function wins_process_name_registration_request()
the same pointer (p->packet.nmb->additional) is used
heavily. It is the contents of the pointer p that
are copied into the userdata pointer, after the
packet has been locked (line 807) so that the
contents of the original packet are still kept
for the wins_register_query_fail() function
to use. If the nmb->additional pointer is non-zero
in the wins_process_name_registration_request() then
it should be non-zero in wins_register_query_fail().

If not - then someone is scribbling on memory.

Now Chris has been adding some changes to the
HEAD branch nmbd to make the transition to a
sensible WINS back-end (gdbm) easier, and at
SGI they've been running with the HEAD branch
wins server code for a while, so I doubt that
any of Chris's changes will have done this,
but I'm CC:ing him just to be sure :-).

To track this down you could try purify (if you
have a copy) or compile Samba with -DMEM_MAN
to link in the (simple) malloc/free checker
that Andrew wrote. With this compiled in you
can hit nmbd with a SIGUSR1 to have it check
all malloced areas for corruption.

Hope this helps,

	Jeremy.




-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------

More information about the samba-ntdom mailing list