interpret_long_filename changes from 3.0 to 3.2

Jeremy Allison jra at samba.org
Sat Dec 13 19:41:44 GMT 2008


On Sat, Dec 13, 2008 at 08:00:26AM +0100, Kai Blin wrote:
> Hi Jeremy,
> 
> I'm currently trying to understand the changes you made to 
> libsmb/clilist.c:interpret_long_filename() when you cleared out the pstrings 
> there. This is to debug the remaining issue of bug #5953. You already fixed 
> the segfault there, but it seems the entries that caused the segfault are not 
> being displayed now.
> 
> Looking at the traces, it seems like the access check at line 91 (on 
> libsmb/clilist.c in current v3-2-test) is wrong. At least for the traces I've 
> seen, the len already includes the null terminator, so a check for
> p + len + 1 < pdata_end
> would certainly fail for the last entry.
> 
> Can you confirm that if len already includes the null termination, the + 1 in 
> the check is not needed?

Kai, you need to check with Guenther on this,
I believe the +1 was added for OS/2 servers.
However, we had an off-by-one bug in pulling
an ASCII version of a string so this may be a
fix that was added to work around a different
bug. We've since fixed the "off-by-one" bug
in pull_ascii_base_talloc in 3.2.6, so your
fix may still work with OS/2 servers.

Guenther, can you comment?

The bug is #5953.

Jeremy.
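An added illustration of the point in the thread, written for this page and not taken from Samba's clilist.c: a constructed two-entry listing, a bounds check written for a `len` that already counts the NUL terminator, and the stricter `p + len + 1 < pdata_end` shape for comparison. Both reject an oversized `len`, but only the stricter one drops a final entry that ends exactly at `pdata_end`.

```c
#include <stddef.h>
#include <string.h>

/* Constructed directory-listing payload: two NUL-terminated names packed back
 * to back with no slack after the last one. sizeof includes the final NUL. */
static const unsigned char listing[] = "foo.txt\0bar.txt";

/* Bounds check for an entry whose `len` counts the name INCLUDING its NUL,
 * as the traces in the thread show. The entry must lie inside [p, pdata_end).
 * Sizes are compared instead of forming p + len, so a hostile len cannot wrap
 * the pointer. Returns 1 if the entry is safe to read. */
static int entry_fits(const unsigned char *p, size_t len,
                      const unsigned char *pdata_end)
{
    if (p > pdata_end) return 0;
    size_t avail = (size_t)(pdata_end - p);
    if (len == 0 || len > avail) return 0;
    /* The counted bytes must really end in the terminator callers rely on. */
    return p[len - 1] == '\0';
}

/* The stricter form discussed in the thread, p + len + 1 < pdata_end: also
 * safe against over-reads, but it demands a spare byte after the terminator
 * and so rejects a final entry that ends exactly at pdata_end. */
static int entry_fits_plus_one(const unsigned char *p, size_t len,
                               const unsigned char *pdata_end)
{
    if (p > pdata_end) return 0;
    size_t avail = (size_t)(pdata_end - p);
    return len < avail && avail - len > 1;   /* len + 1 < avail, no overflow */
}

typedef int (*fits_fn)(const unsigned char *, size_t, const unsigned char *);

/* Walk the packed list, deriving each entry's len (terminator included) the
 * way a parser would, and count how many entries a given check lets through. */
static size_t count_entries(const unsigned char *data, size_t size, fits_fn fits)
{
    const unsigned char *p = data, *end = data + size;
    size_t n = 0;
    while (p < end) {
        const unsigned char *nul = memchr(p, '\0', (size_t)(end - p));
        size_t len = (nul ? (size_t)(nul - p) : (size_t)(end - p)) + 1;
        if (!fits(p, len, end)) break;
        n++;
        p += len;
    }
    return n;
}
```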

