There are tests all over the SMB1 code to check that srv_send_smb fails, but it never returns false
Richard Sharpe
realrichardsharpe at gmail.com
Fri Jul 19 13:57:40 MDT 2013
Hi folks,
We see the following code in srv_send_smb (even in master):
ret = write_data(sconn->sock, buf_out+nwritten, len - nwritten);
if (ret <= 0) {
char addr[INET6_ADDRSTRLEN];
/*
* Try and give an error message saying what
* client failed.
*/
DEBUG(1,("pid[%d] Error writing %d bytes to client %s.
%d. (%s)\n",
(int)sys_getpid(), (int)len,
get_peer_addr(sconn->sock, addr, sizeof(addr)),
(int)ret, strerror(errno) ));
srv_free_enc_buffer(buf_out);
goto out;
}
SMB_PERFCOUNT_SET_MSGLEN_OUT(pcd, len);
srv_free_enc_buffer(buf_out);
out:
SMB_PERFCOUNT_END(pcd);
smbd_unlock_socket(sconn);
return true;
}
Even if the write to the socket/fd fails, we never return false and
will keep reading stuff off of the input buffer until it is exhausted
and then we will exit. That seems somewhat incorrect.
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
More information about the samba-technical
mailing list