Why this padding check? (SMB2 client query info response handling)
Jeremy Allison
jra at samba.org
Wed Oct 1 14:02:49 MDT 2014
On Wed, Oct 01, 2014 at 03:38:23PM -0400, Gordon Ross wrote:
> Can anyone explain why this padding check is here?
>
> libcli/smb/smb2cli_query_info.c : 157
>
> 	if (output_buffer_length < dyn_len) {
> 		tevent_req_nterror(
> 			req, NT_STATUS_INVALID_NETWORK_RESPONSE);
> 		return;
> 	}
>
> That's demanding that the query response data is padded out to
> fill the (padded out) length of the SMB2 response.
> As far as I can tell, the spec. does not require that,
> and the Samba client appears to be the only one
> we've run across that insists on this padding.
>
> To clarify, we pad the (outer) SMB2 response to 8 bytes as
> required by MS-SMB2, but we don't currently pad out the
> query info response data contained therein.
> Did I miss something in one of the specs?
Nope, looks like a bug to me. I'm discussing
with metze.
Cheers,
Jeremy.
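The interoperability problem discussed in this thread, as an added illustration that is not part of either message and is not Samba's code or its eventual fix: the quoted comparison taken in isolation, next to a check that enforces only that the declared data fits in the bytes received. The function names, result codes and sample sizes are constructed, and the sketch assumes the query data starts at the beginning of the dynamic part.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical result codes for this sketch, not Samba's NTSTATUS values. */
enum check_result { RESP_OK = 0, RESP_INVALID = -1 };

/* Same comparison as the quoted check: a declared length shorter than the
 * (possibly padded) dynamic part is treated as an invalid response. */
static enum check_result check_strict(uint32_t declared, size_t dyn_len)
{
	return (declared < dyn_len) ? RESP_INVALID : RESP_OK;
}

/* Bounds-only check: the declared data must fit inside what arrived.
 * Trailing pad bytes after the data are tolerated. */
static enum check_result check_bounds(uint32_t declared, size_t dyn_len)
{
	return (declared > dyn_len) ? RESP_INVALID : RESP_OK;
}

/* Hand back only the declared bytes, so pad bytes are never exposed.
 * Assumption: the data begins at offset 0 of the dynamic part. */
static enum check_result extract_query_data(const uint8_t *dyn, size_t dyn_len,
					     uint32_t declared,
					     const uint8_t **data, size_t *data_len)
{
	if (check_bounds(declared, dyn_len) != RESP_OK) {
		return RESP_INVALID;
	}
	*data = dyn;
	*data_len = declared;
	return RESP_OK;
}

int main(void)
{
	/* Constructed case: 13 data bytes, outer response padded so that the
	 * dynamic part is 16 bytes long. */
	uint8_t dyn[16] = {0};
	const uint8_t *data = NULL;
	size_t data_len = 0;

	printf("strict check, 13 of 16: %d\n", check_strict(13, sizeof(dyn)));
	printf("bounds check, 13 of 16: %d\n", check_bounds(13, sizeof(dyn)));
	printf("bounds check, 32 of 16: %d\n", check_bounds(32, sizeof(dyn)));
	printf("extract: %d\n",
	       extract_query_data(dyn, sizeof(dyn), 13, &data, &data_len));
	return 0;
}
```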