From 6477f69080b453f8ca9213565657cdc79f173fe8 Mon Sep 17 00:00:00 2001
From: Matthieu Patou <mat@matws.net>
Date: Thu, 19 Sep 2013 11:18:32 -0700
Subject: [PATCH] libcli: continue to read from the socket even if the size is
 0

This is an issue found by Codenomicon, with a malicious packet with 0
bytes UDP payload we will continiously be looping trying to react from
the socket event and continiously do nothing as we will bail out
thinking that we had a memory allocation error.

Original fix comes from Volker Lendecke <vl@samba.org>

Signed-off-by: Matthieu Patou <mat@matws.net>
---
 source4/libcli/dgram/dgramsocket.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source4/libcli/dgram/dgramsocket.c b/source4/libcli/dgram/dgramsocket.c
index 3f06dc7..cd6d3e4 100644
--- a/source4/libcli/dgram/dgramsocket.c
+++ b/source4/libcli/dgram/dgramsocket.c
@@ -48,7 +48,7 @@ static void dgm_socket_recv(struct nbt_dgram_socket *dgmsock)
 	}
 
 	blob = data_blob_talloc(tmp_ctx, NULL, dsize);
-	if (blob.data == NULL) {
+	if ((dsize != 0) && (blob.data == NULL)) {
 		talloc_free(tmp_ctx);
 		return;
 	}
-- 
1.8.1.2