10896 – netbios name truncating doesn't work

Bug 10896 - netbios name truncating doesn't work

Summary: netbios name truncating doesn't work

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	Other (show other bugs)
Version:	4.1.13
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Karolin Seeger
QA Contact:	Samba QA Contact

URL:
Keywords:

Duplicates (1):	10899 (view as bug list)
Depends on:
Blocks:	11008
	Show dependency tree / graph

Reported:	2014-10-24 11:23 UTC by Robin Hack
Modified:	2014-12-15 09:06 UTC (History)
CC List:	3 users (show)

See Also:

Attachments
My smb.conf (471 bytes, text/plain) 2014-10-24 11:23 UTC, Robin Hack	no flags	Details
Patch for master, 4.1.x, 4.2.x. (2.80 KB, patch) 2014-10-28 19:01 UTC, Jeremy Allison	no flags	Details
v4-2-test patch (3.01 KB, patch) 2014-10-29 14:27 UTC, Andreas Schneider	jra: review+	Details
v4-1-test patch (3.01 KB, patch) 2014-10-29 14:27 UTC, Andreas Schneider	jra: review+	Details
v4-0-test patch (3.01 KB, patch) 2014-10-29 14:28 UTC, Andreas Schneider	jra: review+	Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robin Hack 2014-10-24 11:23:17 UTC

Created attachment 10367 [details]
My smb.conf

Hi.

It looks like nmbd cripples netbios name is too long and needs to be truncate.

[global]
	netbios name = Xabcdefghijklmnopqrstuvwxyz

Logs:

(most interesting are parts with:
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to (yes here is nothing)
Oct 24 07:10:43 unused-4-106 nmbd[20240]: Samba name server XABCDEFGHIJKLMNOPQRSTUVWXYZ is now a local master browser for workgroup APPLEGROUP on subnet 192.168.254.76


Oct 24 07:10:20 unused-4-106 nmbd[20239]: [2014/10/24 07:10:20.840695,  0, pid=20239, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd.c:945(main)
Oct 24 07:10:20 unused-4-106 nmbd[20239]: standard input is not a socket, assuming -D option
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.845337,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.845485,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.845623,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.846109,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.846220,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.846333,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.849986,  0, pid=20240, effective(0, 0), real(0, 0)] ../lib/util/become_daemon.c:136(daemon_ready)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: STATUS=daemon 'nmbd' finished starting up and ready to serve connectionsread_udp_v4_socket: ip 192.168.254.76 port 35072 read: 68
Oct 24 07:10:20 unused-4-106 systemd: Started Samba NMB Daemon.
Oct 24 07:10:43 unused-4-106 nmbd[20240]: [2014/10/24 07:10:43.934065,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2)
Oct 24 07:10:43 unused-4-106 nmbd[20240]: *****
Oct 24 07:10:43 unused-4-106 nmbd[20240]: 
Oct 24 07:10:43 unused-4-106 nmbd[20240]: Samba name server XABCDEFGHIJKLMNOPQRSTUVWXYZ is now a local master browser for workgroup APPLEGROUP on subnet 192.168.254.76
Oct 24 07:10:43 unused-4-106 nmbd[20240]: 
Oct 24 07:10:43 unused-4-106 nmbd[20240]: *****
Oct 24 07:10:43 unused-4-106 nmbd[20240]: [2014/10/24 07:10:43.935006,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2)
Oct 24 07:10:43 unused-4-106 nmbd[20240]: *****
Oct 24 07:10:43 unused-4-106 nmbd[20240]: 
Oct 24 07:10:43 unused-4-106 nmbd[20240]: Samba name server XABCDEFGHIJKLMNOPQRSTUVWXYZ is now a local master browser for workgroup APPLEGROUP on subnet 10.34.4.106
Oct 24 07:10:43 unused-4-106 nmbd[20240]: 
Oct 24 07:10:43 unused-4-106 nmbd[20240]: *****

Analyse:
source3/nmbd/nmbd_nameregister.c:

# gdb --args nmbd -F -d 10 -S
(gdb) break register_name
(gdb) run

    477 void register_name(struct subnet_record *subrec,
    478                    const char *name, int type, uint16 nb_flags,
    479                    register_name_success_function success_fn,
    480                    register_name_fail_function fail_fn,
    481                    struct userdata_struct *userdata)
    482 {
    483         struct nmb_name nmbname;
    484         nstring nname;
    485 
    486         errno = 0;
    487         push_ascii_nstring(nname, name);

(gdb) print nname
$1 = "\000ABCDEFGHIJKLMNO"
(gdb) print name
$2 = 0x55555579bdf0 "XABCDEFGHIJKLMNOPQRSTUVWXYZ"

... errno is E2BIG ...

    488         if (errno == E2BIG) {
    489                 unstring tname;
    490                 pull_ascii_nstring(tname, sizeof(tname), nname);

(gdb) print nname
$4 = "\000ABCDEFGHIJKLMNO"
(gdb) print tname
$5 = "\000\000\000\000\000\000\000\000\373\254\242\364\377\177\000\000L\000\000\000UU\000\000\220\234yUUU\000\000\220\234yUUU\000\000\000HE\250\362\277\230:\220\234yUUU\000\000\060\356yUUU\000"

    491                 DEBUG(0,("register_name: NetBIOS name %s is too long. Truncating to %s\n",
    492                         name, tname));
    493                 make_nmb_name(&nmbname, tname, type);

(gdb) print nmbname
$7 = {name = '\000' <repeats 15 times>, scope = '\000' <repeats 63 times>, name_type = 32}

    494         } else {
    495                 make_nmb_name(&nmbname, name, type);
    496         }

Comment 1 Andreas Schneider 2014-10-28 07:56:17 UTC

*** Bug 10899 has been marked as a duplicate of this bug. ***

Comment 2 Andreas Schneider 2014-10-28 07:56:46 UTC

In nmbd we try to truncate the netbios name if we try to register it.

with commit d546adeab54af123eff66cee61a487c88b6ba61b the behaviour of push_ascii_nstring() changed.

This change of behaviour creates a bug in register_name(). If we call push_ascii_nstring() on a netbios name longer than 15 chars we end up registering an empty string!

To reprocude this set the following variable in smb.conf and start nmbd:

  netbios name = XABCDEFGHIJKLMNOPQRSTUVWXYZ

X will be replaced by \0.

Comment 3 Jeremy Allison 2014-10-28 19:01:53 UTC

Created attachment 10376 [details]
Patch for master, 4.1.x, 4.2.x.

Andreas, if this works for you please push to master. Thanks,
Jeremy.

Comment 4 Andreas Schneider 2014-10-29 14:27:14 UTC

Created attachment 10379 [details]
v4-2-test patch

Comment 5 Andreas Schneider 2014-10-29 14:27:47 UTC

Created attachment 10380 [details]
v4-1-test patch

Comment 6 Andreas Schneider 2014-10-29 14:28:21 UTC

Created attachment 10381 [details]
v4-0-test patch

Comment 7 Jeremy Allison 2014-10-29 16:22:23 UTC

Re-assigning to Karolin for inclusion.

Comment 8 Karolin Seeger 2014-10-29 20:13:30 UTC

Pushed to autobuild-v4-[0|1|2]-test.

Comment 9 Karolin Seeger 2014-11-04 20:08:20 UTC

(In reply to Karolin Seeger from comment #8)
Pushed to v4-0-test and v4-2-test, waiting for autobuild-v4-1-test.

Comment 10 Karolin Seeger 2014-11-10 20:32:35 UTC

(In reply to Karolin Seeger from comment #9)
Pushed to v4-1-test.

Closing out bug report.

Thanks!