The Samba-Bugzilla – Attachment 8110 Details for
Bug 9209
Parse of invalid SMB2 create blob can cause smbd crash.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for v4-0-test and v3-6-test
tmp40.diff (text/plain), 1.09 KB, created by
Stefan Metzmacher
on 2012-10-27 09:05:03 UTC
(
hide
)
Description:
Patch for v4-0-test and v3-6-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2012-10-27 09:05:03 UTC
Size:
1.09 KB
patch
obsolete
>From ae9f0529fde50a8a16e8c76ecef0450d6ca1939b Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Sat, 27 Oct 2012 08:11:14 +0200 >Subject: [PATCH] libcli/smb: fix unitialized padding in > smb2_create_blob_push_one() (bug #9209) > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Autobuild-User(master): Stefan Metzmacher <metze@samba.org> >Autobuild-Date(master): Sat Oct 27 10:05:22 CEST 2012 on sn-devel-104 >(cherry picked from commit 2b4672f2d30c01a4767acf660ddb061676c59908) >--- > libcli/smb/smb2_create_blob.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/libcli/smb/smb2_create_blob.c b/libcli/smb/smb2_create_blob.c >index 92387db..c6b2e1e 100644 >--- a/libcli/smb/smb2_create_blob.c >+++ b/libcli/smb/smb2_create_blob.c >@@ -113,7 +113,7 @@ static NTSTATUS smb2_create_blob_push_one(TALLOC_CTX *mem_ctx, DATA_BLOB *buffer > size_t next_pad = 0; > bool ok; > >- blob_offset = 0x14 + tag_length; >+ blob_offset = 0x10 + tag_length; > blob_pad = smb2_create_blob_padding(blob_offset, 8); > next_offset = blob_offset + blob_pad + blob->data.length; > if (!last) { >-- >1.7.9.5 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
jra
:
review+
obnox
:
review+
vl
:
review+
Actions:
View
Attachments on
bug 9209
:
7956
|
8036
| 8110