The Samba-Bugzilla – Attachment 17319 Details for
Bug 15085
[SECURITY] CVE-2022-32742:SMB1 code does not correct verify SMB1write, SMB1write_and_close, SMB1write_and_unlock lengths.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Raw patch for master.
look (text/plain), 614 bytes, created by
Jeremy Allison
on 2022-06-07 00:17:48 UTC
(
hide
)
Description:
Raw patch for master.
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2022-06-07 00:17:48 UTC
Size:
614 bytes
patch
obsolete
>diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h >index 85ef221ed18..b70b029bd35 100644 >--- a/source3/include/smb_macros.h >+++ b/source3/include/smb_macros.h >@@ -151,7 +151,7 @@ > #define smb_buflen(buf) (SVAL(buf,smb_vwv0 + (int)CVAL(buf, smb_wct)*2)) > > /* the remaining number of bytes in smb buffer 'buf' from pointer 'p'. */ >-#define smbreq_bufrem(req, p) (req->buflen - PTR_DIFF(p, req->buf)) >+#define smbreq_bufrem(req, p) (req->buflen < PTR_DIFF(p, req->buf) ? 0 : req->buflen - PTR_DIFF(p, req->buf)) > > > /* Note that chain_size must be available as an extern int to this macro. */
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 15085
:
17318
|
17319
|
17322
|
17323
|
17324
|
17325
|
17326
|
17327
|
17329
|
17334
|
17335
|
17336
|
17348
|
17349
|
17378
|
17393
|
17427
|
17434
|
17447