I am on Fedora 13 x64-64 running with samba-client-3.6.13. When I issue the following command:

    $ rpcclient -U Administrator%<pass> -c 'netshareenum 502' <FQDN of server>
    ... SACL
    Segmentation fault (core dumped)

The problem is the "totalentries" count is larger than the actual size of the array of SHARE_502_INFO structures. This condition causes rpcclient to shoot past the end of the array and SEGV.

A small snippet of gdb, for illustration purposes, taken while in cmd_srvsvc_net_share_enum_int (source3/rpcclient/cmd_srvsvc.c):

    (gdb) p *info_ctr.ctr.ctr502
    $9 = {
      count = 34,
      array = 0x67a140
    }
    (gdb) p totalentries
    $10 = 35

The "count" needs to be used for the loop that displays the results, not total entries.
Created attachment 9153: wireshark pcap file showing the problem.
Created attachment 9155: Trace showing WERR_MORE_DATA case
Added an attachment that shows WERR_MORE_DATA case on a Windows 2008 server. Total number of shares is only 26 but via info level 2 command. Looking more at the code, it seems NetShareEnum isn't really equipped to handle WERR_MORE_DATA scenarios. Still investigating.
Fixed with 6e82f70da089 in 2013
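
The loop-bound problem described in this report, as an added C example that is neither Samba's code nor the referenced fix: the display loop is bounded by the container's count, and a larger totalentries is flagged as a partial reply instead of being used as an index limit. The struct and function names are simplified, hypothetical stand-ins, and the sample data is constructed from the gdb values in the report.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical, simplified stand-ins for the level-502 share container. */
struct share_info502 { const char *name; };
struct share_ctr502 {
    uint32_t count;               /* entries actually present in array */
    struct share_info502 *array;
};

/*
 * Print the shares in one reply and return how many were shown.
 * totalentries is what the server says exists in total; it is only
 * compared against count, never used to index the array.
 * *truncated is set to 1 when the reply holds fewer entries than that.
 */
static uint32_t display_shares502(const struct share_ctr502 *ctr,
                                  uint32_t totalentries, int *truncated)
{
    uint32_t i, shown = 0;

    *truncated = 0;
    if (ctr == NULL || (ctr->array == NULL && ctr->count != 0))
        return 0;                 /* malformed container: show nothing */

    for (i = 0; i < ctr->count; i++) {   /* bound is count, not totalentries */
        const char *n = ctr->array[i].name;
        printf("netname: %s\n", n != NULL ? n : "(null)");
        shown++;
    }
    if (totalentries > ctr->count)
        *truncated = 1;           /* caller decides how to fetch the rest */
    return shown;
}

/* Constructed sample mirroring the report: count = 34, totalentries = 35. */
static uint32_t demo(int *truncated)
{
    static struct share_info502 entries[34];
    struct share_ctr502 ctr = { 34, entries };
    uint32_t i;

    for (i = 0; i < 34; i++)
        entries[i].name = "share";
    return display_shares502(&ctr, 35, truncated);
}

int main(void)
{
    int truncated;
    uint32_t shown = demo(&truncated);
    printf("shown=%u truncated=%d\n", (unsigned)shown, truncated);
    return 0;
}
```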