[PATCH 5/5] idl: add to_null attribute to the spoolss formname array

David Disseldorp ddiss at suse.de
Mon Nov 14 09:59:46 MST 2011

OpenPrinterEx requests have been observed in the wild carrying a device
mode formname "A4" followed by non-utf16 garbage after the null
terminator. Such requests currently fail during unmarshalling in the
ndr_pull_charset() codepath, causing intermittent print job failures.

This change ensures that garbage after the device mode formname null
terminator is not processed in unmarshalling.

 librpc/idl/spoolss.idl |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/librpc/idl/spoolss.idl b/librpc/idl/spoolss.idl
index 4599e3a..4b1f94f 100644
--- a/librpc/idl/spoolss.idl
+++ b/librpc/idl/spoolss.idl
@@ -697,7 +697,7 @@ cpp_quote("#define spoolss_security_descriptor security_descriptor")
 		uint16 yresolution;
 		spoolss_DeviceModeTTOption ttoption;
 		spoolss_DeviceModeCollate collate;
-		[charset(UTF16)] uint16 formname[MAXDEVICENAME];
+		[charset(UTF16),to_null] uint16 formname[MAXDEVICENAME];
 		uint16 logpixels; /* reserved */
 		uint32 bitsperpel; /* reserved */
 		uint32 pelswidth; /* reserved */
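
Review bot: The `to_null` added on the `formname[MAXDEVICENAME]` line carries no comment in the IDL and the diffstat shows no test alongside it, so the reason for the attribute is recorded only in the commit message. Consider a short comment next to the field noting that clients have been seen sending non-UTF16 bytes after the terminator, and a regression test that unmarshals a device mode with formname "A4" followed by garbage, the case described above. It is also worth stating in the commit message whether a formname with no null terminator inside the array is still expected to fail in the ndr_pull_charset() path, since this change only addresses data after the terminator.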
