BUG in enumprinterdataex
Jeremy Allison
jra at samba.org
Sat Feb 3 17:24:26 GMT 2007
On Sat, Feb 03, 2007 at 09:28:43AM +0100, Martin wrote:
> >
> Hi!
> I certainly trapped Vista again.
> The proposed fix works with XP but not with Vista.
> Easy to compare: Samba returns a buffer size of 1642 bytes.
> -> XP offers a buffer of 1644 bytes.
> -> Vista 1642 bytes.
>
> If we only align the buffer size (as in the proposed patch), we earn a
> 1783 error. It seems that the buffer size in the RPC *must* match the
> "needed" size in the message itself.
>
> So the better fix would be to align the "needed" var before the test
> against the input size.

So you're saying round up needed to a 4 byte boundary before
setting it in r_u->needed ?

I've attached a proposed fix - can you test it for me
before Monday (I don't have my Vista test env set up
at home yet).

Jeremy.
-------------- next part --------------
Index: rpc_server/srv_spoolss_nt.c
===================================================================
--- rpc_server/srv_spoolss_nt.c (revision 21132)
+++ rpc_server/srv_spoolss_nt.c (working copy)
@@ -9385,6 +9385,15 @@
/* housekeeping information in the reply */
+ /* Fix from Martin Zielinski <mz at seh.de> - ensure
+ * the hand marshalled container size is a multiple
+ * of 4 bytes for RPC alignment.
+ */
+
+ if (needed % 4) {
+ needed += 4-(needed % 4);
+ }
+
r_u->needed = needed;
r_u->returned = num_entries;
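Review bot: The comment above the added `if (needed % 4)` block still describes rounding "the hand marshalled container size", but the block now rounds `needed` itself, and that value goes into `r_u->needed`. Please reword the comment to say that `needed` is rounded up to a multiple of 4 so that the size reported to the client and the container size agree. The comparison of `needed` against the client's buffer size is not in the visible context; it has to run after this rounding, as Martin asked, otherwise a client offering 1642 bytes would pass the test while the reply reports a larger `needed`.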
@@ -9397,15 +9406,6 @@
r_u->ctr.size = r_u->needed;
- /* Fix from Martin Zielinski <mz at seh.de> - ensure
- * the hand marshalled container size is a multiple
- * of 4 bytes for RPC alignment.
- */
-
- if (needed % 4) {
- r_u->ctr.size += 4-(needed % 4);
- }
-
r_u->ctr.size_of_array = r_u->returned;
r_u->ctr.values = enum_values;
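Review bot: After this removal, `r_u->ctr.size = r_u->needed;` depends on the rounding done in the earlier hunk, and nothing at this line says so. A one-line comment here noting that `r_u->needed` is already 4-byte aligned would stop a later change from reintroducing the mismatch. With both fields rounded, the reply can also claim up to 3 bytes more than the values in `enum_values` occupy, so it is worth confirming that the marshalling code writes defined (zeroed) padding for those bytes rather than whatever is in the buffer.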