There are tests all over the SMB1 code to check that srv_send_smb fails, but it never returns false

[Richard Sharpe]

Hi folks,

We see the following code in srv_send_smb (even in master):

        ret = write_data(sconn->sock, buf_out+nwritten, len - nwritten);
        if (ret <= 0) {

                char addr[INET6_ADDRSTRLEN];
                /*
                 * Try and give an error message saying what
                 * client failed.
                 */
                DEBUG(1,("pid[%d] Error writing %d bytes to client %s.
%d. (%s)\n",
                         (int)sys_getpid(), (int)len,
                         get_peer_addr(sconn->sock, addr, sizeof(addr)),
                         (int)ret, strerror(errno) ));

                srv_free_enc_buffer(buf_out);
                goto out;
        }

        SMB_PERFCOUNT_SET_MSGLEN_OUT(pcd, len);
        srv_free_enc_buffer(buf_out);
out:
        SMB_PERFCOUNT_END(pcd);

        smbd_unlock_socket(sconn);
        return true;
}

Even if the write to the socket/fd fails, we never return false and
will keep reading stuff off of the input buffer until it is exhausted
and then we will exit. That seems somewhat incorrect.

-- 
Regards,
Richard Sharpe
(何以解憂？唯有杜康。--曹操)