9 shares give rpc error

Jeremy Allison jeremy at valinux.com
Tue Apr 4 19:00:07 GMT 2000


don_mccall at hp.com wrote:
> 
> Hi giulioo,
> The problem is not, I think, with the number of shares, but with the
> number of characters that the sharenames and the share comments add up
> to.
> 
> We appear to be deciding that the data will all fit into the 1024
> buffer that we can return with the SMB 0x25 reply, and we are not
> setting the smb_flg2 to let the client know that it needs to do an
> SMBReadX to get the rest of the data.  The caller of the rpc on the
> client side then must try to parse the fields we have returned in the
> 1024 buffer, and realizes that it is incomplete; in fact, what happens
> is if the amount of information needing to be returned is about 16 bytes
> LESS than 1024, all will be well, as there are a couple of parameters
> that need to be tagged onto the end of the sharename/comment
> data structure, and this will allow room for it.  If the amount of
> information is Greater than 1024, we are STILL ok, because then we set a
> flag that tells the client he needs to get the rest of the info with a
> READ&X.
> Here's where we stuff the error, count and total parameters at the end of
> the data buffer for the reply to the enum rpc:
> 
>   *rparam_len = 8;
>   *rparam = REALLOC(*rparam,*rparam_len);
>   SSVAL(*rparam,0,missed ? ERRmoredata : NERR_Success);
>   SSVAL(*rparam,2,0);
>   SSVAL(*rparam,4,counted);
>   SSVAL(*rparam,6,total);
> 
> I wasn't able to take the time to track down specifically where we
> miscalculate and do NOT take this extra 8 words into account... Maybe
> Jeremy or one of you other team members can take a look.

Well, this is for the old RAP rpc mechanism of returning
share enums. Samba 2.0.5 and above also support the NT
DCE/RPC method of returning share info, which is the
"use SMBreadX if data too large" method. In the RAP method
Samba never stores the data to return across multiple trans/readX
calls - this is done only in the DCE/RPC case. I think
you are confusing the two methods here.

In 2.0.7 this code has been completely re-written to allow
arbitrary size read/writes down a DCE/RPC pipe so data can
be returned in any read call.

If anyone can reproduce this problem with 2.0.6 or (especially)
2.0.7pre3 I'd like to know about it.

Thanks,

	Jeremy.


-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
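
Added example, not part of the original messages and not Samba's code: a simplified C model of the RAP-style share enumeration discussed in this thread, showing how whole entries are fitted into a fixed data buffer and how the 8-byte parameter block (status, converter, counted, total) reports a truncated listing. The 20-byte record layout, the `rap_share_enum` and `put16` names, the `share` type and the sample shares are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define NERR_Success 0
#define ERRmoredata  234   /* ERROR_MORE_DATA */
#define FIXED_LEN    20    /* assumed record: name[13], pad, type, comment offset */
#define RPARAM_LEN   8     /* status, converter, counted, total (as in the quoted code) */

struct share { const char *name, *comment; };   /* hypothetical input type */

static void put16(uint8_t *p, unsigned v) { p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; }

/* Packs whole entries into buf, writes the 8-byte parameter block to rparam,
 * and returns the number of data bytes used. */
static size_t rap_share_enum(const struct share *sh, size_t n, uint8_t *buf,
                             size_t buflen, uint8_t rparam[RPARAM_LEN])
{
    size_t need = 0, counted = 0, heap, i;
    /* Pass 1: an entry counts only if its record and its comment both fit. */
    for (i = 0; i < n; i++) {
        size_t entry = FIXED_LEN + strlen(sh[i].comment) + 1;
        if (need + entry > buflen)
            break;
        need += entry;
        counted++;
    }
    /* Pass 2: fixed records first, then the comment strings they point to. */
    memset(buf, 0, need);
    heap = counted * FIXED_LEN;
    for (i = 0; i < counted; i++) {
        uint8_t *rec = buf + i * FIXED_LEN;
        size_t nlen = strlen(sh[i].name), clen = strlen(sh[i].comment) + 1;
        memcpy(rec, sh[i].name, nlen > 12 ? 12 : nlen);   /* keep a NUL in name[13] */
        put16(rec + 16, (unsigned)heap);                  /* comment offset in buf */
        memcpy(buf + heap, sh[i].comment, clen);
        heap += clen;
    }
    put16(rparam + 0, counted < n ? ERRmoredata : NERR_Success);
    put16(rparam + 2, 0);
    put16(rparam + 4, (unsigned)counted);
    put16(rparam + 6, (unsigned)n);
    return heap;
}

int main(void) {   /* constructed sample: 32 + 33 bytes needed, 64 available */
    struct share sh[] = { {"IPC$", "IPC Service"}, {"public", "Public files"} };
    uint8_t buf[64], rp[RPARAM_LEN];
    rap_share_enum(sh, 2, buf, sizeof buf, rp);
    return rp[0] == ERRmoredata ? 0 : 1;
}
```

The parameter block is written separately from the data buffer, so any check against a fixed reply size has to count both.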