Bug 10896 - netbios name truncating doesn't work
netbios name truncating doesn't work
Status: RESOLVED FIXED
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other
4.1.13
All All
: P5 normal
: ---
Assigned To: Karolin Seeger
Samba QA Contact
:
: 10899 (view as bug list)
Depends on:
Blocks: 11008
  Show dependency treegraph
 
Reported: 2014-10-24 11:23 UTC by Robin Hack
Modified: 2014-12-15 09:06 UTC (History)
3 users (show)

See Also:


Attachments
My smb.conf (471 bytes, text/plain)
2014-10-24 11:23 UTC, Robin Hack
no flags Details
Patch for master, 4.1.x, 4.2.x. (2.80 KB, patch)
2014-10-28 19:01 UTC, Jeremy Allison
no flags Details
v4-2-test patch (3.01 KB, patch)
2014-10-29 14:27 UTC, Andreas Schneider
jra: review+
Details
v4-1-test patch (3.01 KB, patch)
2014-10-29 14:27 UTC, Andreas Schneider
jra: review+
Details
v4-0-test patch (3.01 KB, patch)
2014-10-29 14:28 UTC, Andreas Schneider
jra: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Robin Hack 2014-10-24 11:23:17 UTC
Created attachment 10367 [details]
My smb.conf

Hi.

It looks like nmbd cripples netbios name is too long and needs to be truncate.

[global]
	netbios name = Xabcdefghijklmnopqrstuvwxyz

Logs:

(most interesting are parts with:
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to (yes here is nothing)
Oct 24 07:10:43 unused-4-106 nmbd[20240]: Samba name server XABCDEFGHIJKLMNOPQRSTUVWXYZ is now a local master browser for workgroup APPLEGROUP on subnet 192.168.254.76


Oct 24 07:10:20 unused-4-106 nmbd[20239]: [2014/10/24 07:10:20.840695,  0, pid=20239, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd.c:945(main)
Oct 24 07:10:20 unused-4-106 nmbd[20239]: standard input is not a socket, assuming -D option
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.845337,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.845485,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.845623,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.846109,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.846220,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.846333,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_nameregister.c:492(register_name)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: register_name: NetBIOS name XABCDEFGHIJKLMNOPQRSTUVWXYZ is too long. Truncating to
Oct 24 07:10:20 unused-4-106 nmbd[20240]: [2014/10/24 07:10:20.849986,  0, pid=20240, effective(0, 0), real(0, 0)] ../lib/util/become_daemon.c:136(daemon_ready)
Oct 24 07:10:20 unused-4-106 nmbd[20240]: STATUS=daemon 'nmbd' finished starting up and ready to serve connectionsread_udp_v4_socket: ip 192.168.254.76 port 35072 read: 68
Oct 24 07:10:20 unused-4-106 systemd: Started Samba NMB Daemon.
Oct 24 07:10:43 unused-4-106 nmbd[20240]: [2014/10/24 07:10:43.934065,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2)
Oct 24 07:10:43 unused-4-106 nmbd[20240]: *****
Oct 24 07:10:43 unused-4-106 nmbd[20240]: 
Oct 24 07:10:43 unused-4-106 nmbd[20240]: Samba name server XABCDEFGHIJKLMNOPQRSTUVWXYZ is now a local master browser for workgroup APPLEGROUP on subnet 192.168.254.76
Oct 24 07:10:43 unused-4-106 nmbd[20240]: 
Oct 24 07:10:43 unused-4-106 nmbd[20240]: *****
Oct 24 07:10:43 unused-4-106 nmbd[20240]: [2014/10/24 07:10:43.935006,  0, pid=20240, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2)
Oct 24 07:10:43 unused-4-106 nmbd[20240]: *****
Oct 24 07:10:43 unused-4-106 nmbd[20240]: 
Oct 24 07:10:43 unused-4-106 nmbd[20240]: Samba name server XABCDEFGHIJKLMNOPQRSTUVWXYZ is now a local master browser for workgroup APPLEGROUP on subnet 10.34.4.106
Oct 24 07:10:43 unused-4-106 nmbd[20240]: 
Oct 24 07:10:43 unused-4-106 nmbd[20240]: *****

Analyse:
source3/nmbd/nmbd_nameregister.c:

# gdb --args nmbd -F -d 10 -S
(gdb) break register_name
(gdb) run

    477 void register_name(struct subnet_record *subrec,
    478                    const char *name, int type, uint16 nb_flags,
    479                    register_name_success_function success_fn,
    480                    register_name_fail_function fail_fn,
    481                    struct userdata_struct *userdata)
    482 {
    483         struct nmb_name nmbname;
    484         nstring nname;
    485 
    486         errno = 0;
    487         push_ascii_nstring(nname, name);

(gdb) print nname
$1 = "\000ABCDEFGHIJKLMNO"
(gdb) print name
$2 = 0x55555579bdf0 "XABCDEFGHIJKLMNOPQRSTUVWXYZ"

... errno is E2BIG ...

    488         if (errno == E2BIG) {
    489                 unstring tname;
    490                 pull_ascii_nstring(tname, sizeof(tname), nname);

(gdb) print nname
$4 = "\000ABCDEFGHIJKLMNO"
(gdb) print tname
$5 = "\000\000\000\000\000\000\000\000\373\254\242\364\377\177\000\000L\000\000\000UU\000\000\220\234yUUU\000\000\220\234yUUU\000\000\000HE\250\362\277\230:\220\234yUUU\000\000\060\356yUUU\000"

    491                 DEBUG(0,("register_name: NetBIOS name %s is too long. Truncating to %s\n",
    492                         name, tname));
    493                 make_nmb_name(&nmbname, tname, type);

(gdb) print nmbname
$7 = {name = '\000' <repeats 15 times>, scope = '\000' <repeats 63 times>, name_type = 32}

    494         } else {
    495                 make_nmb_name(&nmbname, name, type);
    496         }
Comment 1 Andreas Schneider 2014-10-28 07:56:17 UTC
*** Bug 10899 has been marked as a duplicate of this bug. ***
Comment 2 Andreas Schneider 2014-10-28 07:56:46 UTC
In nmbd we try to truncate the netbios name if we try to register it.

with commit d546adeab54af123eff66cee61a487c88b6ba61b the behaviour of push_ascii_nstring() changed.

This change of behaviour creates a bug in register_name(). If we call push_ascii_nstring() on a netbios name longer than 15 chars we end up registering an empty string!

To reprocude this set the following variable in smb.conf and start nmbd:

  netbios name = XABCDEFGHIJKLMNOPQRSTUVWXYZ

X will be replaced by \0.
Comment 3 Jeremy Allison 2014-10-28 19:01:53 UTC
Created attachment 10376 [details]
Patch for master, 4.1.x, 4.2.x.

Andreas, if this works for you please push to master. Thanks,
Jeremy.
Comment 4 Andreas Schneider 2014-10-29 14:27:14 UTC
Created attachment 10379 [details]
v4-2-test patch
Comment 5 Andreas Schneider 2014-10-29 14:27:47 UTC
Created attachment 10380 [details]
v4-1-test patch
Comment 6 Andreas Schneider 2014-10-29 14:28:21 UTC
Created attachment 10381 [details]
v4-0-test patch
Comment 7 Jeremy Allison 2014-10-29 16:22:23 UTC
Re-assigning to Karolin for inclusion.
Comment 8 Karolin Seeger 2014-10-29 20:13:30 UTC
Pushed to autobuild-v4-[0|1|2]-test.
Comment 9 Karolin Seeger 2014-11-04 20:08:20 UTC
(In reply to Karolin Seeger from comment #8)
Pushed to v4-0-test and v4-2-test, waiting for autobuild-v4-1-test.
Comment 10 Karolin Seeger 2014-11-10 20:32:35 UTC
(In reply to Karolin Seeger from comment #9)
Pushed to v4-1-test.

Closing out bug report.

Thanks!