Total dcerpc response payload more than 0x400000

Evgeny Sinelnikov sin at altlinux.ru
Fri Jun 3 00:16:29 UTC 2016


Hello,

during join Samba DC (version 4.4.3) into existing Windows domain ()
we got next problem:
...
Replicated 72 objects (12 linked attributes) for DC=xx,DC=xxx,DC=ru
Unexpected total payload 0x4010E0 > 0x400000 dcerpc response
ERROR(runtime): uncaught exception - (-1073610723, 'An RPC protocol
error occurred.')
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 175, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line 651, in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1192, in join_DC
    ctx.do_join()
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1096, in do_join
    ctx.join_replicate()
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 838,
in join_replicate
    replica_flags=ctx.domain_replica_flags)
  File "/usr/lib64/python2.7/site-packages/samba/drs_utils.py", line
253, in replicate
    (level, ctr) = self.drs.DsGetNCChanges(self.drs_handle, req_level, req)
checking sAMAccountName
...

After some search queries, we found next links:
- http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1748
- https://github.com/lede-project/source/blob/master/package/network/services/samba36/patches/022-CVE-2015-5370-v3-6.patch

So we could think, that constant
DCERPC_NCACN_PAYLOAD_MAX_SIZE = 0x400000; /* 4 MByte */
is not absolutelly right.

It would be correct to simply increase this constant?


-- 
Sin (Sinelnikov Evgeny)



More information about the samba-technical mailing list