smbclient error when ls against win10 share
Jeremy Allison
jra at samba.org
Tue Apr 5 16:01:25 UTC 2016
On Tue, Apr 05, 2016 at 10:12:27AM +0000, Thomas Dvorachek wrote:
> Yep - zip of two pcapng files attached.
>
> Trace shows what i saw when i added a bunch of debug outputs to source: in "find_first2 data" smb response, whenever the "Reserved" value immediately after "Short file name len" is not zero, smbclient pops the cli_list error 260 (we're hitting the "Bad short name length" test of slen greater than 24 in source.)
>
> In traces: both doing `ls` from "Windows" directory; one error trace due to "addins" directory entry having "1f" in Reserved field, one error trace due to "Boot" directory entry having "12" in Reserved field.
>
> Could be my win10 device is responding with bad packet structure, or something might be misaligned in smbclient processing the response packet fields.
> BTW: no errors when i use a windows device to `net use x: \\IP-addr\c$`, `x:`, `cd Windows`, `dir` ... cmd.exe outputs listing ok.
> Thx.
Oh, looks like source3/libsmb/clilist.c
is reading a 16-bit value where it should
be reading an 8-bit one.
Also, looks like Win10 is returning an
uninitialized byte here..
Can you try this patch and see if it
fixes it ?
If so I'll log a bug and get this
fixed in master and released branches.
Cheers,
Jeremy.
-------------- next part --------------
diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c
index 94bbc57..6438d3b 100644
--- a/source3/libsmb/clilist.c
+++ b/source3/libsmb/clilist.c
@@ -186,7 +186,7 @@ static size_t interpret_long_filename(TALLOC_CTX *ctx,
namelen = IVAL(p,0);
p += 4;
p += 4; /* EA size */
- slen = SVAL(p, 0);
+ slen = CVAL(p, 0);
if (slen > 24) {
/* Bad short name length. */
return pdata_end - base;
More information about the samba-technical
mailing list