Possibility of Segmentation Fault on smbd/trans2.c
Michael B. Allen
mballen at erols.com
Mon Jan 15 09:57:51 GMT 2001
On Mon, Jan 15, 2001 at 02:57:07PM +0900, Kenichi Okuyama wrote:
> Here, we have the possibility of having a Segmentation Fault for either
> "params" or "data", whichever is being NULL, by chance.
> # I don't think this is the usual case, but that doesn't mean
> # it will not happen.
It's quite common that the number of parameters and/or number of data
bytes is 0, if for instance a TRANS2_QUERY_PATH_INFORMATION is returning
an ERRbadpath etc. So I think if it were a problem it would have been
spotted by now. But I know nothing of how 0, NULL, (void *)0 or otherwise
would manifest itself in the context of the Samba source in question.
Incidentally, I noticed an oddity about Samba's TRANS2_FIND_FIRST2/NEXT2.
The lastNameOffset field of the TRANS2_FIND_FIRST2 response parameter
block is different between Samba (at least 2.0.6) and Win98 (I don't
remember NT). In Samba this number is the offset from the beginning
of the data section to the _beginning_ of the entry that contains the
last filename (used to resume the search in TRANS2_FIND_NEXT2). But Win98
returns the offset from the beginning of the data section to the exact
location of the filename _within_ the particular entry.
But hey, it works right. That seems to be the theme here :~)
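The NULL "params"/"data" case discussed in the thread, as an added C example that is not Samba's trans2.c: a hypothetical reply builder that treats a NULL pointer with a zero count as the legitimate "nothing to return" case (an error reply, for instance) and refuses a NULL pointer with a non-zero count, so the empty-response path never dereferences NULL. The buffer layout, REPLY_MAX and all function names are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical reply buffer size; not a Samba constant. */
#define REPLY_MAX 256

/* Appends the parameter block followed by the data block of a trans2 reply
 * to 'out' and returns the number of bytes written, or -1 on bad input.
 * A NULL pointer is accepted only together with a zero count, which is the
 * legitimate "nothing to return" case (for instance an error reply). */
int build_trans2_reply(const uint8_t *params, size_t param_count,
                       const uint8_t *data, size_t data_count,
                       uint8_t *out, size_t out_len)
{
    size_t off = 0;

    if (out == NULL)
        return -1;
    /* NULL with a non-zero count is a caller bug: refuse instead of
     * dereferencing. NULL with a zero count is fine and copies nothing. */
    if ((params == NULL && param_count != 0) ||
        (data == NULL && data_count != 0))
        return -1;
    /* Bounds check written so the addition cannot overflow. */
    if (param_count > out_len || data_count > out_len - param_count)
        return -1;

    /* memcpy with a NULL source is undefined even for length 0, so each
     * copy is guarded by its count rather than relying on the length. */
    if (param_count > 0) {
        memcpy(out + off, params, param_count);
        off += param_count;
    }
    if (data_count > 0) {
        memcpy(out + off, data, data_count);
        off += data_count;
    }
    return (int)off;
}

/* Scenarios from the thread, wrapped so the results can be checked. */
int empty_reply_len(void)            /* error reply: no params, no data -> 0 */
{
    uint8_t out[REPLY_MAX];
    return build_trans2_reply(NULL, 0, NULL, 0, out, sizeof out);
}
int null_with_count_rejected(void)   /* NULL but count says 3: must be -1 */
{
    uint8_t out[REPLY_MAX];
    return build_trans2_reply(NULL, 3, NULL, 0, out, sizeof out);
}
int joined_reply_len(void)           /* constructed "abc" params + "xy" data -> 5 */
{
    uint8_t out[REPLY_MAX];
    const uint8_t p[] = { 'a', 'b', 'c' }, d[] = { 'x', 'y' };
    int n = build_trans2_reply(p, sizeof p, d, sizeof d, out, sizeof out);
    return (n == 5 && memcmp(out, "abcxy", 5) == 0) ? n : -1;
}

int main(void)
{
    printf("empty reply: %d bytes\n", empty_reply_len());
    printf("NULL with non-zero count: %d\n", null_with_count_rejected());
    printf("joined reply: %d bytes\n", joined_reply_len());
    return 0;
}
```

The point of the split guard is that a zero count alone is not enough: passing a NULL source to memcpy is undefined behaviour regardless of the length, so the copy must be skipped explicitly, and a NULL pointer paired with a non-zero count is the inconsistent state the thread worries about and is rejected up front.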
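The two readings of lastNameOffset described in the message, as an added C example that is neither Samba's nor Windows' code: the entry layout is a simplified, hypothetical one (next-entry offset, name length, name; the real SMB info levels carry timestamps and sizes before the name), and the walker computes both the entry-start offset (the Samba 2.0.6 reading) and the filename offset within the entry (the Win98 reading) over a constructed two-entry data section, refusing malformed chains so a bad next-entry offset cannot walk off the buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified FIND_FIRST2 directory entry (not the real SMB
 * info level layout):
 *   uint32 next_entry_offset   little-endian, 0 marks the last entry
 *   uint32 file_name_length    little-endian
 *   char   file_name[file_name_length]
 * The filename therefore sits ENTRY_HDR_LEN bytes past the entry start. */
#define ENTRY_HDR_LEN 8

static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static void wr32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)v;         p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* Walks the data section and returns the offset of the last entry's start
 * (the Samba 2.0.6 reading of lastNameOffset), or -1 if the chain is
 * malformed: a header past the end, a name that does not fit, or a
 * next_entry_offset that would not advance or would leave the buffer. */
long last_entry_offset(const uint8_t *data, size_t len)
{
    size_t off = 0;
    for (;;) {
        if (len - off < ENTRY_HDR_LEN) return -1;
        uint32_t next = rd32(data + off);
        uint32_t name_len = rd32(data + off + 4);
        if (name_len > len - off - ENTRY_HDR_LEN) return -1;
        if (next == 0) return (long)off;
        if (next < ENTRY_HDR_LEN || next > len - off) return -1;
        off += next;
    }
}

/* The Win98 reading: offset of the filename bytes inside the last entry. */
long last_name_offset(const uint8_t *data, size_t len)
{
    long entry = last_entry_offset(data, len);
    return entry < 0 ? -1 : entry + ENTRY_HDR_LEN;
}

/* Constructed sample section: two entries, "a.txt" then "b.txt".
 * Returns the number of bytes written (0 if 'cap' is too small). */
size_t build_sample(uint8_t *buf, size_t cap)
{
    const char *names[] = { "a.txt", "b.txt" };
    size_t off = 0;
    for (int i = 0; i < 2; i++) {
        size_t n = strlen(names[i]);
        if (cap - off < ENTRY_HDR_LEN + n) return 0;
        wr32(buf + off, i == 1 ? 0 : (uint32_t)(ENTRY_HDR_LEN + n));
        wr32(buf + off + 4, (uint32_t)n);
        memcpy(buf + off + ENTRY_HDR_LEN, names[i], n);
        off += ENTRY_HDR_LEN + n;
    }
    return off;
}

/* Helpers exposing the results on the constructed sample. */
long sample_entry_offset(void) { uint8_t b[64]; return last_entry_offset(b, build_sample(b, sizeof b)); }
long sample_name_offset(void)  { uint8_t b[64]; return last_name_offset(b, build_sample(b, sizeof b)); }

/* Constructed malformed chain: a next_entry_offset smaller than the header
 * would never advance, so the walker must refuse it rather than loop. */
long malformed_sample(void)
{
    uint8_t b[ENTRY_HDR_LEN];
    wr32(b, 4);
    wr32(b + 4, 0);
    return last_entry_offset(b, sizeof b);
}

int main(void)
{
    uint8_t buf[64];
    size_t len = build_sample(buf, sizeof buf);
    printf("entry-start offset (Samba 2.0.6 reading): %ld\n", last_entry_offset(buf, len));
    printf("filename offset (Win98 reading):          %ld\n", last_name_offset(buf, len));
    return 0;
}
```

On the sample the two readings differ by exactly the header length, which is the whole discrepancy the message describes: a client that resumes a search by handing the offset back unchanged works against either server, but one that dereferences the offset itself has to know which convention produced it, and has to bounds-check it, since the value arrives from the peer.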