Why this padding check? (SMB2 client query info response handling)

Jeremy Allison jra at samba.org
Wed Oct 1 14:02:49 MDT 2014

On Wed, Oct 01, 2014 at 03:38:23PM -0400, Gordon Ross wrote:
> Can anyone explain why this padding check is here?
> libcli/smb/smb2cli_query_info.c : 157
> if (output_buffer_length < dyn_len) {
>     tevent_req_nterror(
>     return;
> }
> That's demanding the that query response data is padded out to
> fill the (padded out) length of the SMB2 response.
> As far as I can tell, the spec. does not require that,
> and the Samba client appears to be the only one
> we've run across that insists on this padding.
> To clarify, we pad the (outer) SMB2 response to 8 bytes as
> required by MS-SMB2, but we don't currently pad out the
> query info response data contained therein.
> Did I miss something in one of the specs?

Nope, looks like a bug to me. I'm discussing
with metze.



More information about the samba-technical mailing list