NTCreateAndX Response with wrong WordCount.
Michael B Allen
mba2000 at ioplex.com
Sun Aug 1 06:10:00 GMT 2004
On Sun, 1 Aug 2004 00:05:10 -0500
"Christopher R. Hertel" <crh at ubiqx.mn.org> wrote:
> > I see W2K and XP have a WordCount of 42 whereas NT is 34.
>
> Okay, that's weird.
>
> 26 + 8 = 34
> 34 + 8 = 42
>
> ...and 26 is the "correct" number of bytes (per the SNIA doc).
The docs (SNIA and Leach v2) are incorrect. If you simply add up the sizes
of fields in the packet description it's 34 bytes. That 26 is just wrong.
As you pointed out above I think it's interesting that (34 - 26) * 2 is
16 which is how big that garbage trailer is in W2K and XP NT_CREATE_ANDX
responses. It's as if the MS developers were reviewing the code for the
next generation CIFS implementation and said "Ahh, according to the docs
this packet is 16 bytes too small, let's make it bigger!"
Mike
--
Greedo shoots first? Not in my Star Wars.
More information about the samba-technical
mailing list