From 23b95a377de537f60665d4b8d3fdffdfcf3aa6ca Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 11 Mar 2013 12:27:59 -0700
Subject: [PATCH 1/2] Part 1 of fix for 9706 - Parameter is incorrect on
 Android.

Match Windows in ignoring a upper_read size of 0xFFFF
explicitly.

Signed-off-by: Jeremy Allison <jra@samba.org>
---
 source3/smbd/reply.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 64c4fdb..b4828fc 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -3855,12 +3855,19 @@ nosendfile_read:
  we supported this.
 ****************************************************************************/
 
-static bool server_will_accept_large_read(void)
+static bool server_will_accept_large_read(size_t upper_size)
 {
 	/* Samba client ? No problem. */
 	if (get_remote_arch() == RA_SAMBA) {
 		return true;
 	}
+	/*
+	 * Windows explicitly ignores upper size of 0xFFFF.
+	 * See [MS-CIFS].pdf <26> Section 2.2.4.2.1:
+	 */
+	if (upper_size == 0xFFFF) {
+		return false;
+	}
 	/* Need UNIX extensions. */
 	if (!lp_unix_extensions()) {
 		return false;
@@ -3914,7 +3921,7 @@ void reply_read_and_X(struct smb_request *req)
 	}
 
 	upper_size = SVAL(req->vwv+7, 0);
-	if ((upper_size != 0) && server_will_accept_large_read()) {
+	if ((upper_size != 0) && server_will_accept_large_read(upper_size)) {
 		/*
 		 * This is Samba only behavior (up to Samba 3.6)!
 		 *
-- 
1.8.1.3


From 854ab515456810311439b0a9416567b02f3ceb05 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 11 Mar 2013 12:29:40 -0700
Subject: [PATCH 2/2] Part 2 of fix for 9706 - Parameter is incorrect on
 Android.

Client must have told us it will do CAP_LARGE_READX.

Signed-off-by: Jeremy Allison <jra@samba.org>
---
 source3/smbd/reply.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index b4828fc..db835e0 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -3872,7 +3872,8 @@ static bool server_will_accept_large_read(size_t upper_size)
 	if (!lp_unix_extensions()) {
 		return false;
 	}
-	return true;
+	/* Client also needs to have told us it can do LARGE_READX. */
+	return (global_client_caps & CAP_LARGE_READX);
 }
 
 /****************************************************************************
-- 
1.8.1.3