The Samba-Bugzilla – Attachment 7064 Details for
Bug 8573
the SMBnegprot reponse without extended security returns non-aligned unicode strings
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for v3-6-test
tmp36.diff (text/plain), 1.88 KB, created by
Stefan Metzmacher
on 2011-11-06 03:48:12 UTC
(
hide
)
Description:
Patch for v3-6-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2011-11-06 03:48:12 UTC
Size:
1.88 KB
patch
obsolete
>From f7e97e839a2722234df6963c1b74d04c7960dc70 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Fri, 4 Nov 2011 12:52:44 +0100 >Subject: [PATCH] s3:libsmb: the workgroup in the non-extended-security negprot is not aligned (#8573) > >I've tested the fix against NT4 sp6a, W2K sp4, W2K8R2 and Win8pre0. > >metze >(similar to commit aea76a3aaa7ea52f563e7bc8a8ed60d9651f9e34) >--- > source3/libsmb/cliconnect.c | 25 +++++++++++++++++++++---- > 1 files changed, 21 insertions(+), 4 deletions(-) > >diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c >index 113b8a5..f03219b 100644 >--- a/source3/libsmb/cliconnect.c >+++ b/source3/libsmb/cliconnect.c >@@ -2655,6 +2655,7 @@ static void cli_negprot_done(struct tevent_req *subreq) > if (cli->protocol >= PROTOCOL_NT1) { > struct timespec ts; > bool negotiated_smb_signing = false; >+ DATA_BLOB blob = data_blob_null; > > if (wct != 0x11) { > tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE); >@@ -2680,13 +2681,29 @@ static void cli_negprot_done(struct tevent_req *subreq) > /* work out if they sent us a workgroup */ > if (!(cli->capabilities & CAP_EXTENDED_SECURITY) && > smb_buflen(inbuf) > 8) { >+ blob = data_blob_const(bytes + 8, num_bytes - 8); >+ } >+ >+ if (blob.length > 0) { > ssize_t ret; >- status = smb_bytes_talloc_string( >- cli, (char *)inbuf, &cli->server_domain, >- bytes + 8, num_bytes - 8, &ret); >- if (tevent_req_nterror(req, status)) { >+ char *server_domain = NULL; >+ >+ ret = clistr_pull_talloc(cli, >+ (const char *)inbuf, >+ SVAL(inbuf, smb_flg2), >+ &server_domain, >+ (char *)blob.data, >+ blob.length, >+ STR_TERMINATE| >+ STR_UNICODE| >+ STR_NOALIGN); >+ if (ret == -1) { >+ tevent_req_nterror(req, NT_STATUS_NO_MEMORY); > return; > } >+ if (server_domain) { >+ cli->server_domain = server_domain; >+ } > } > > /* >-- >1.7.4.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
jra
:
review+
Actions:
View
Attachments on
bug 8573
: 7064