a question about negprot.c:reply_nt1()

Sat Jun 30 14:54:12 GMT 2001

Anyone want to comment on this?
Is it ok to commit this patch? (with p - q of course)

the bug is still there.

On Sun, Jun 24, 2001 at 11:56:00AM +1000, Tim Potter wrote:
> Simo Sorce writes:
> 
> > parsing the build farm error log of some machines I've seen this error:
> > smbd/negprot.c: In function `reply_nt1':
> > smbd/negprot.c:176: warning: `data_len' might be used uninitialized in this function
> 
> Hmm - I found a bug in the Samba negprot reply code which tridge
> and I worked on a few days ago.  You're right - we didn't update
> the data_len properly.  How about something like this?
> 
> 
> Tim.
> 
> Index: negprot.c
> ===================================================================
> RCS file: /data/cvs/samba/source/smbd/negprot.c,v
> retrieving revision 1.25
> diff -c -r1.25 negprot.c
> *** negprot.c	21 Jun 2001 05:38:28 -0000	1.25
> --- negprot.c	24 Jun 2001 01:51:09 -0000
> ***************
> *** 177,183 ****
>     struct cli_state *cli = NULL;
>     char cryptkey[8];
>     char crypt_len = 0;
> !   char *p;
>   
>     if (lp_security() == SEC_SERVER) {
>   	  cli = server_cryptkey();
> --- 177,183 ----
>     struct cli_state *cli = NULL;
>     char cryptkey[8];
>     char crypt_len = 0;
> !   char *p, *q;
>   
>     if (lp_security() == SEC_SERVER) {
>   	  cli = server_cryptkey();
> ***************
> *** 231,243 ****
>     SIVAL(outbuf,smb_vwv9+1,capabilities); /* capabilities */
>     put_long_date(outbuf+smb_vwv11+1,t);
>     SSVALS(outbuf,smb_vwv15+1,TimeDiff(t)/60);
> -   SSVAL(outbuf,smb_vwv17,data_len); /* length of challenge+domain strings */
>   
> !   p = smb_buf(outbuf);
>     if (doencrypt) memcpy(p, cryptkey, 8);
>     p += 8;
>     p += srvstr_push(outbuf, p, global_myworkgroup, -1, 
>   		   STR_UNICODE|STR_CONVERT|STR_TERMINATE|STR_NOALIGN);
>     set_message_end(outbuf, p);
>   
>     return (smb_len(outbuf)+4);
> --- 231,244 ----
>     SIVAL(outbuf,smb_vwv9+1,capabilities); /* capabilities */
>     put_long_date(outbuf+smb_vwv11+1,t);
>     SSVALS(outbuf,smb_vwv15+1,TimeDiff(t)/60);
>   
> !   p = q = smb_buf(outbuf);
>     if (doencrypt) memcpy(p, cryptkey, 8);
>     p += 8;
>     p += srvstr_push(outbuf, p, global_myworkgroup, -1, 
>   		   STR_UNICODE|STR_CONVERT|STR_TERMINATE|STR_NOALIGN);
> + 
> +   SSVAL(outbuf,smb_vwv17,q - p); /* length of challenge+domain strings */
>     set_message_end(outbuf, p);
>   
>     return (smb_len(outbuf)+4);
> 

-- 
Simo Sorce       idra at samba.org
-------------------------------
Samba Team http://www.samba.org