[Q] enumprinterdrivers 2|3 is broken
Alexander Bokovoy
ab at samba.org
Wed Jul 2 10:59:10 GMT 2008
It appears that we are never protecting ourselves from \\ slashes in
the incoming server name in spoolss requests. While doing
enumprinterdrivers 2 and 3 levels we call
rpc_server/srv_spoolss_nt.c:enumprinterdrivers_level2() which formats
returned strings as "\\\\%s\%s" where first parameter is server name.
Therefore, our response is sending \\\\ slashes.
In particular, this is different to what Windows does: it looks they
simply normalize slashes everywhere.
This difference actually has a harm effect: Windows client thinks that
a driver is changed on the server and reloads it from the Samba server
on each opening of the printer properties. This is quite noticeable
for large drivers as network consumption increases.
We could normalize name in
rpc_parse/rpc_parse_spoolss.c:spoolss_io_q_enumprinterdrivers()
(reffering to 3-0-stable source) or could strip/normalize in
enumprinterdrivers_level2(). Not sure which way is better and safer.
This logical error exists in rpc code in 3-0 and upwards.
--
/ Alexander Bokovoy
More information about the samba-technical
mailing list