[SMB] NTCreateANDX question

Jeremy Allison jra at samba.org
Fri Jun 8 04:26:41 GMT 2007


On Thu, Jun 07, 2007 at 10:48:28PM -0400, Michael B Allen wrote:
> On Fri, 8 Jun 2007 11:11:21 +0900
> "yang mikey" <mikeyredmoon at gmail.com> wrote:
> 
> > hi, everybody
> > I found an interesting thing,
> > 
> > when I see the header of NTCreateANDX[0xA2] via Ethereal
> > I found the value of WORD COUNT is 42, but the position of BYTE COUNT is not
> > at (offset of WORD COUNT) + (value of WORD COUNT) * 2.
> > 
> > Why did it happen, and how does Ethereal know the correct position of BYTE COUNT?
> 
> The WordCount should be more like 24. I would have to see a capture
> to understand what the problem is. It could be that Ethereal just got
> confused. Try the latest Wireshark.

No, the word count is correct. NTCreateX suffers from what
I believe is an internal bug in Windows - the number of bytes
returned should mean a word count of 50, but the max word
count returned is 42 - the extra bytes are appended (even
though bcc is zero). This is only returned if the client
asks for "extended info".

Jeremy.
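
The quirk described in this reply, as an added example that is not part of the original thread or of Samba's code: a bounds-checked locator for ByteCount that trusts WordCount except in the extended NTCreateAndX response. It assumes the standard 32-byte SMB1 header and that ByteCount follows the 50 words actually sent; `locate_byte_count`, `build_sample` and the `extended_requested` flag (tracked by the caller from the request) are hypothetical names, and the sample message is constructed.

```python
import struct

SMB_HEADER_LEN = 32             # fixed SMB1 header; WordCount is the next byte
SMB_COM_NT_CREATE_ANDX = 0xA2
EXT_WCT_ON_WIRE = 42            # WordCount value the server writes (per the reply)
EXT_WCT_ACTUAL = 50             # words the returned bytes amount to (per the reply)


def locate_byte_count(msg, extended_requested=False):
    """Return (offset, value) of ByteCount, refusing out-of-bounds reads."""
    if len(msg) < SMB_HEADER_LEN + 1 or msg[:4] != b"\xffSMB":
        raise ValueError("not an SMB1 message")
    command = msg[4]
    wct = msg[SMB_HEADER_LEN]
    words = wct
    # Assumption: only the extended NTCreateAndX response under-reports its
    # parameter words, so the override is limited to that exact case.
    if (command == SMB_COM_NT_CREATE_ANDX and extended_requested
            and wct == EXT_WCT_ON_WIRE):
        words = EXT_WCT_ACTUAL
    bcc_off = SMB_HEADER_LEN + 1 + 2 * words
    if bcc_off + 2 > len(msg):
        raise ValueError("message truncated before ByteCount")
    (bcc,) = struct.unpack_from("<H", msg, bcc_off)
    if bcc_off + 2 + bcc > len(msg):
        raise ValueError("ByteCount runs past end of message")
    return bcc_off, bcc


def build_sample(wct_field, words_sent, command=SMB_COM_NT_CREATE_ANDX):
    """Constructed message: header, WordCount, filler words, ByteCount = 0."""
    header = b"\xffSMB" + bytes([command]) + bytes(27)
    params = b"\xaa" * (2 * words_sent)   # filler, not real field values
    return header + bytes([wct_field]) + params + struct.pack("<H", 0)


if __name__ == "__main__":
    sample = build_sample(EXT_WCT_ON_WIRE, EXT_WCT_ACTUAL)
    print("quirk-aware:", locate_byte_count(sample, extended_requested=True))
    try:
        locate_byte_count(sample)         # trusts WordCount = 42
    except ValueError as exc:
        print("WordCount-trusting parse rejected:", exc)
```

Reading ByteCount at WordCount * 2 on this sample lands inside the parameter words, so the length check is what keeps a mislocated field from driving a read past the buffer.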

