[PATCHES] MSZIP support for cabinet files
Aurélien Aptel
aaptel at suse.com
Wed Jun 28 10:18:00 UTC 2017
Hi Jeremy,
This is in the push function, the checksum offset is obtained directly
from the ndr writer offset here:
Jeremy Allison via samba-technical <samba-technical at lists.samba.org>
writes:
>> +
>> + for (i = 0; i < num_cfdata; i++, r++) {
>> + uint32_t compressed_offset, compressed_length = 0;
>> + uint32_t csum, csum_offset;
>> + uint32_t csumPartial;
>> +
>> + /*
>> + * checksum is a function of the size fields
>> + * and the potentially compressed data bytes,
>> + * which haven't been compressed yet so
>> + * remember offset, write zeroes, fill out
>> + * later
>> + */
>> + csum_offset = ndr->offset;
>> + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0));
>> +
>> + csumPartial = ndr_cab_compute_checksum(&ndr->data[csum_offset + 8],
>
> ^^^^^^^^^^^^^^^^
> Integer wrap checks ?
> Didn't cnum_offset come from the client ?
The expression will wrap around 4GB indeed but since many fields of CAB
files are 32 bits I'm guessing it's also the file size hard limit of a
CAB file.
Since it's the push function we should probably return an error early if
the data to serialize is too big.
>> + /* write in the folder header the offset of its first data block */
>> + for (i = 0; i < r->cfheader.cFolders; i++) {
>> + SIVAL(ndr->data, OFFSET_OF_FOLDER_COFFCABSTART(i), ndr->offset);
>> + NDR_CHECK(ndr_push_folder_cfdata(ndr, r->cfdata + processed_cfdata, r->cffolders[i].typeCompress, r->cffolders[i].cCFData));
>> + processed_cfdata += r->cffolders[i].cCFData;
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Here also ?
Same comment here I think.
--
Aurélien Aptel / SUSE Labs Samba Team
GPG: 1839 CB5F 9F5B FB9B AA97 8C99 03C8 A49B 521B D5D3
SUSE Linux GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
More information about the samba-technical
mailing list