[SCM] Samba Shared Repository - branch master updated
Matthias Dieter Wallnöfer
mdw at samba.org
Wed Nov 3 09:02:59 MDT 2010
Metze,
I would be very glad if you could work out the right fix. Since mine was
only an attempt - I wanted only to make sure that this isn't uninitialised.
Greets,
Matthias
Stefan (metze) Metzmacher wrote:
> Hi Matthias,
>
>
>> commit 4902b71a607a0899d1a2d65b80eebdc121f4ef1d
>> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
>> Date: Wed Nov 3 09:23:33 2010 +0100
>>
>> s4:RPC server - always set the response pad data in base of the request one
>>
>> Otherwise it could remain uninitialised - should fix bug #7769.
>>
> ...
>
>> @@ -220,6 +221,8 @@ _PUBLIC_ NTSTATUS dcesrv_reply(struct dcesrv_call_state *call)
>> pkt.u.response.alloc_hint = stub.length;
>> pkt.u.response.context_id = call->pkt.u.request.context_id;
>> pkt.u.response.cancel_count = 0;
>> + pkt.u.response._pad.data = call->pkt.u.request._pad.data;
>> + pkt.u.response._pad.length = call->pkt.u.request._pad.length;
>> pkt.u.response.stub_and_verifier.data = stub.data;
>> pkt.u.response.stub_and_verifier.length = length;
>>
> I'm not sure this is the correct fix.
>
> ndr_push_DATA_BLOB() called with NDR_ALIGN8, should never look at this
> values
> at all. And if we need to initialize them we should initialize them to zero.
>
> metze
>
>
More information about the samba-technical
mailing list