NDR64 dcerpc_bind_ack unmarshalling failures

David Disseldorp ddiss at suse.de
Tue Apr 3 11:13:49 MDT 2012


Hi Metze,

On Tue, 03 Apr 2012 18:21:57 +0200
"Stefan (metze) Metzmacher" <metze at samba.org> wrote:
...
> > This is compiled by pidl into:
> > static enum ndr_err_code ndr_pull_dcerpc_bind_ack(struct ndr_pull *ndr, int ndr_flags, struct dcerpc_bind_ack *r)
> > {
> > ...
> >         if (ndr_flags & NDR_SCALARS) {
> > ...
> >                 {
> >                         uint32_t _flags_save_DATA_BLOB = ndr->flags;
> >                         ndr_set_flags(&ndr->flags, LIBNDR_FLAG_REMAINING);
> >                         NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->auth_info));
> >                         ndr->flags = _flags_save_DATA_BLOB;
> >                 }
> >                 NDR_CHECK(ndr_pull_trailer_align(ndr, 4));
> > 
> > With the NDR_REMAINING flag set, ndr_pull_DATA_BLOB pulls all trailing
> > packet bytes into r->auth_info, leaving ndr->offset == ndr->data_size.
> > My Windows Server "8" Beta bind_ack response is 323 bytes which causes
> > the subsequent ndr_pull_trailer_align() call to fail with
> > NDR_ERR_BUFSIZE.
> > 
...
> 
> What has that to do with NDR64? As far as I know NDR64 is only used for
> the payload, not for the DCERPC pdus.

ndr_pull_trailer_align() only attempts to pull alignment bytes when
NDR64 is in use.

> Can you post a capture?

Sure:
http://samba.org/~ddiss/ndr64_dcerpc_bind_with_alignment_pull.cap

Cheers, David
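To make the interaction concrete, here is an added model of the pull path quoted above (my simplified stand-in, not Samba's libndr; the struct, flag and error definitions are constructed): with LIBNDR_FLAG_REMAINING the auth_info blob consumes the PDU to its end, and ndr_pull_trailer_align(ndr, 4) then has to step past the end of a 323-byte buffer when NDR64 is in effect, which is exactly where NDR_ERR_BUFSIZE comes from.

```c
#include <stdint.h>
#include <stddef.h>
/* Constructed stand-ins for Samba's libndr types (not the real librpc/ndr code). */
enum ndr_err_code { NDR_ERR_SUCCESS = 0, NDR_ERR_BUFSIZE = 1 };
#define LIBNDR_FLAG_NDR64     0x01u
#define LIBNDR_FLAG_REMAINING 0x02u
/* data_size is the PDU length (323 for the captured bind_ack); offset is the next byte. */
struct ndr_pull { const uint8_t *data; uint32_t data_size, offset, flags; };
struct DATA_BLOB { const uint8_t *data; size_t length; };

/* Models only the LIBNDR_FLAG_REMAINING case used by the pidl output above:
 * the blob swallows every byte left, so offset == data_size afterwards. */
static enum ndr_err_code ndr_pull_DATA_BLOB(struct ndr_pull *ndr, struct DATA_BLOB *blob)
{
    if (!(ndr->flags & LIBNDR_FLAG_REMAINING) || ndr->offset > ndr->data_size)
        return NDR_ERR_BUFSIZE;
    blob->data = ndr->data + ndr->offset;
    blob->length = ndr->data_size - ndr->offset;
    ndr->offset = ndr->data_size;
    return NDR_ERR_SUCCESS;
}

/* No-op for NDR32; under NDR64 rounds offset up to a multiple of `align`,
 * and the padded offset must still lie inside the buffer. */
static enum ndr_err_code ndr_pull_trailer_align(struct ndr_pull *ndr, uint32_t align)
{
    uint32_t aligned;
    if (!(ndr->flags & LIBNDR_FLAG_NDR64))
        return NDR_ERR_SUCCESS;
    aligned = (ndr->offset + align - 1) & ~(align - 1);
    if (aligned < ndr->offset || aligned > ndr->data_size)
        return NDR_ERR_BUFSIZE;
    ndr->offset = aligned;
    return NDR_ERR_SUCCESS;
}

/* Replays the tail of ndr_pull_dcerpc_bind_ack on a zero-filled PDU of pdu_len
 * bytes whose auth_info starts at auth_offset, with or without NDR64 in effect. */
enum ndr_err_code pull_bind_ack_tail(uint32_t pdu_len, uint32_t auth_offset, int ndr64)
{
    static const uint8_t pdu[512];  /* constructed sample PDU, contents irrelevant */
    struct ndr_pull ndr = { pdu, pdu_len, auth_offset, ndr64 ? LIBNDR_FLAG_NDR64 : 0 };
    struct DATA_BLOB auth_info;
    uint32_t flags_save = ndr.flags;
    enum ndr_err_code err;
    if (pdu_len > sizeof(pdu) || auth_offset > pdu_len) return NDR_ERR_BUFSIZE;
    ndr.flags |= LIBNDR_FLAG_REMAINING;
    err = ndr_pull_DATA_BLOB(&ndr, &auth_info);
    ndr.flags = flags_save;
    if (err != NDR_ERR_SUCCESS) return err;
    return ndr_pull_trailer_align(&ndr, 4);
}
```

A 323-byte PDU fails only when NDR64 is set; padding the PDU to a 4-byte multiple (324) or running as NDR32 succeeds.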


More information about the samba-technical mailing list