Bug 14356 - protocol error - Unclear debug message "pad length mismatch" for invalid bind packet
Summary: protocol error - Unclear debug message "pad length mismatch" for invalid bind...
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: DCE-RPCs and pipes (show other bugs)
Version: 4.12.1
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jule Anger
QA Contact: Samba QA Contact
URL: https://gitlab.com/samba-team/samba/-...
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-23 23:06 UTC by Andrew Bartlett
Modified: 2024-11-25 15:10 UTC (History)
7 users (show)

See Also:


Attachments
packet which Samba parses incorrectly, eventually giving 'bad pad length' (2.83 KB, text/plain)
2020-04-23 23:34 UTC, Andrew Bartlett
no flags Details
packet which Samba parses correctly (3.25 KB, text/plain)
2020-04-23 23:35 UTC, Andrew Bartlett
no flags Details
Patches for v4-21-test (180.23 KB, text/plain)
2024-10-10 15:24 UTC, Stefan Metzmacher
asn: review+
Details
Patches for v4-20-test (180.23 KB, text/plain)
2024-10-10 15:24 UTC, Stefan Metzmacher
asn: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Bartlett 2020-04-23 23:06:46 UTC
From the reporter:
https://lists.samba.org/archive/samba/2020-April/229334.html

> 1. You have a new Windows 10 client
> 2. The computer MUST NOT be in the computer list in the AC-DC
> 3. You join the Windows client to the domain and reboot
> 4. About when the login screen appears on the Windows client, the
> error message pops up.
> 
> If the computer is already listed in the AD-DC, you can remove and
> rejoin the Windows Client as much as you want without the error.
> And if the computer object is new, it also only happens I would say 4
> out of 5 times.
> 
> I was able to record the logs with your suggested loglevel and a
> corresponding tcpdump. I will send it to you separately, maybe it
> helps.
> 
> Since everything else is working fine (join, login etc) this is
> definitely not a critical issue IMHO.
Comment 1 Andrew Bartlett 2020-04-23 23:34:33 UTC
Created attachment 15939 [details]
packet which Samba parses incorrectly, eventually giving 'bad pad length'
Comment 2 Andrew Bartlett 2020-04-23 23:35:34 UTC
Created attachment 15940 [details]
packet which Samba parses correctly

Both these dumps are cut off not to include the SPNEGO packet, as that may be sensitive, but it shows how we get the parse wrong.
Comment 3 Andrew Bartlett 2020-10-14 03:49:29 UTC
The unclear message is improved in Samba 4.13 with:

commit ae5cb7346bf6f7759c88d7df6a5c1bd7965ee284
Author: Andrew Bartlett <abartlet@samba.org>
Date:   Fri Apr 24 11:04:00 2020 +1200

    librpc: Provide clearer debug messages for malformed DCE/RPC bind
    
    REF: https://lists.samba.org/archive/samba/2020-April/229334.html
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356
    
    Signed-off-by: Andrew Bartlett <abartlet@samba.org>
    Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Comment 4 Stefan Metzmacher 2020-11-09 11:13:58 UTC
This is not fixed
Comment 5 Stefan Metzmacher 2020-11-09 11:42:14 UTC
Windows seems to be lazy and just changes num_contexts from 3 to 2,
but leaves the space for the 3rd context in the pdu, but leaves
auth_pad_length = 0.

So we have to ignore any padding bytes without generating an protocol error.
Comment 7 Samba QA Contact 2024-10-10 15:18:04 UTC
This bug was referenced in samba master:

8c6b5b87434e96d4cb695c0a5cf8aa0a0472c6a4
b51ab42284211981a1ee6c8865845c7dfc985cb4
98d908bfd07283878a7a6a630c2bfe5d27b5ffd8
93bd5ba609f93ce8298f12f2a7b0ad333e0f48bf
31c2f35bba003daee39756e83def0f3d45c19c6b
8e6696b2ac6990f3d6bac804c9a0f1a2b8f0ada0
9309283ddbcc60cb8dac8ecd3f4bcecfbf8ac732
be02d4077db1d6c35b2e480937a04b5e70545a6d
0acbbeab4db0c8bc8ff655d652e249fecb3c4ef9
444f9c6624f5c997dfdc4ae0bfb8823a56fbef70
bb8ad1f22924b581bfb66555713e98efa91372b2
ac5818f2dd348e61b4be35505bee00b330ec4450
a2d894fd37aaa9bce64ad95e01412681a08790ea
09e8dd23ce0c08c5c04bd74121f3664f420af877
57fb07f5a3369d679f8918f853303b56e58dfb3d
7b5c3f9b1f334eb9d7906338e2e64196a6530068
0da9e4d7430c7dbb37783e6152f7672bf29498e9
0bc562eb26cad3a5cb8da2da54db86932791f3de
f7a3827010a859839a3ae7d0cdf297a15610d286
890fff1ca0c4e1eb8ef26c4f88aa18aeda3afc4f
7a6a1aae6fa74ab0f55c1160aedd2d79c9a44a90
85b2dcd93848a590727dac243e8eb3614be75fad
97545873ebc2daf9c3daee914a90687625a08225
31a422b7e58d7a670ebedb7c91f240a3134a9624
55dd8bdb05b4e814beb50d11a6f12c94e5f6e9d5
86808d66f30136850f857b749e768c88de3a079f
8b8e4ff1b19ba06821d774d0e1a8b1cad7f06120
9263ce5752063235836d5f77220b0151df6c9408
Comment 8 Stefan Metzmacher 2024-10-10 15:24:00 UTC
Created attachment 18466 [details]
Patches for v4-21-test
Comment 9 Stefan Metzmacher 2024-10-10 15:24:23 UTC
Created attachment 18467 [details]
Patches for v4-20-test
Comment 10 Andreas Schneider 2024-10-29 10:41:01 UTC
Jule, please apply the patches to the corresponding branches. Thanks!
Comment 11 Jule Anger 2024-11-07 08:11:18 UTC
Pushed to autobuild-v4-{21,20}-test.
Comment 12 Samba QA Contact 2024-11-07 09:22:13 UTC
This bug was referenced in samba v4-20-test:

2d2d5f675d455b8bd0592d4a80cb0448d0ebfb63
b647d52691209632d772fbaab1f976d45f27801a
c063734ac319a716b9d5dc00e3b25aed30fd40a5
d095ad71cc5ec077a416c334293bdde72b9fb14f
74b127d0373bfa2f89209e087b1ae006ec832fe6
8ee66862dbb160c0be1abc7aa10b453ba5bcf7f4
0c7983db19ff1668d559924cbf3b722e82903c89
5e2aa6bf0378d8ab8d2dc66cdf2e3fdd675c4b0f
d921255c8427e8d6cc30194aea1a2bfe355bc157
f2705e5b3b37af57bb5d12a967bb92c20250af98
8d902a200314a5134d46ec502f59cdbbd61804e6
7bd44b9fb0b43b4d48d409d7f86dd9d05d57bfe9
71aad11c2c002a3d83126154a8812f7c03e66565
fd6e9855c33fed3ff26638591c3c1374a5837958
d896ce18e0d121c7f4979e503af1ecfbe7f3de98
7185f30946077024a9234c93250958ad1c40b3eb
a6dec953e7433217a44b5a0be38e9453b11e4084
5efc2a0ea9781da0f6230b952cc71bb6c64e1767
432f8a3b69031e616551e82d4aa5784c89b6cd86
1dbcb533af16de2ae26e6d602da63a2ec10c0f84
8c33f14b97f235695bb0b6006875018b3c219656
6309b9a770cd254cfd0ade0b68259628551d2cd6
b6dd675372aa8fae58a9a477e3ffe57bce66eed2
fd7bfa6ad2ef7951c1f5150ea3649f6ded3d4bb8
a7742b351924c921bb64832f5214d42c5c060ca0
70889a5f2f478130875b9379affcb994cef4b431
bef660cfee205ddc3e22674054f8c1a35b78bcb1
1a74def369cc9e9db2127ca56beeed3b2d3b4f61
Comment 13 Samba QA Contact 2024-11-07 10:28:04 UTC
This bug was referenced in samba v4-21-test:

189e4e8b262701f6cd64c2e1d9b0306e96589a6d
9e35e26e038932733cf6e571c3fefe3387ff9e5f
c0f40a7831362c46e4a12fcb3b46d185cb361040
b56c35c33668f050e993b141bbaf072b64da5a0c
346dab391d6a0382bcdff4acb9a6cef4ca8d8010
cbcd11f2fb232780452882ef5f1116611385b6a8
79d8431c86418eba31d731f291cd39b478256cd2
bea355c23165c5d0435a528d057a3050738dfdef
82ce898457b4d016e820f9acdb9d638dd73837dc
fcbb5243d5a3097b23cfebbd03c199b9b2586464
465bcb605507ce9c0149890c00ed535ad0bdde8f
2553c9aeded9927a87fc39982aedc9da1ef9a6e4
80129a9b07785ff30c36c64e2823bd8482d3d89c
058328859c7fbb84824b561a66819b58b28f842d
5fbb57e0dd5b46bb8f7aaa3fff089f959f3824de
b019eb56d6979cd2183e0bf0a19a57ab1d6ed104
68ade99138d965654608c3720a7bf51de00a5963
8add039c0bc727f70e0647a6b457f2dd563f10bb
a91d040b859c80a41f20ff281335491b04e458ca
5740e9daadc2710562d056ef6db93b0f337182fb
178e654eca1936d88da7c7e1de056ac2fa409e87
f27161ef5397f75f5039ff3f0d5a190cac5d2ae7
aa0e68958ccd2f1b070369498541d694d07487b4
657953d8e48e685b1b1374d9da062e480e449634
f18b49489f13037250fecc6bb1d2b0992f546854
dae81f45a374a457a0a0dee058741cb844dfaa26
4b60c66a9e70a2cad901f4c80382877b99df2c61
27e364a49334a25e89f150a7eb08cb984853f7c8
Comment 14 Jule Anger 2024-11-07 10:37:28 UTC
Closing out bug report.

Thanks!
Comment 15 Samba QA Contact 2024-11-19 14:47:56 UTC
This bug was referenced in samba v4-20-stable (Release samba-4.20.6):

2d2d5f675d455b8bd0592d4a80cb0448d0ebfb63
b647d52691209632d772fbaab1f976d45f27801a
c063734ac319a716b9d5dc00e3b25aed30fd40a5
d095ad71cc5ec077a416c334293bdde72b9fb14f
74b127d0373bfa2f89209e087b1ae006ec832fe6
8ee66862dbb160c0be1abc7aa10b453ba5bcf7f4
0c7983db19ff1668d559924cbf3b722e82903c89
5e2aa6bf0378d8ab8d2dc66cdf2e3fdd675c4b0f
d921255c8427e8d6cc30194aea1a2bfe355bc157
f2705e5b3b37af57bb5d12a967bb92c20250af98
8d902a200314a5134d46ec502f59cdbbd61804e6
7bd44b9fb0b43b4d48d409d7f86dd9d05d57bfe9
71aad11c2c002a3d83126154a8812f7c03e66565
fd6e9855c33fed3ff26638591c3c1374a5837958
d896ce18e0d121c7f4979e503af1ecfbe7f3de98
7185f30946077024a9234c93250958ad1c40b3eb
a6dec953e7433217a44b5a0be38e9453b11e4084
5efc2a0ea9781da0f6230b952cc71bb6c64e1767
432f8a3b69031e616551e82d4aa5784c89b6cd86
1dbcb533af16de2ae26e6d602da63a2ec10c0f84
8c33f14b97f235695bb0b6006875018b3c219656
6309b9a770cd254cfd0ade0b68259628551d2cd6
b6dd675372aa8fae58a9a477e3ffe57bce66eed2
fd7bfa6ad2ef7951c1f5150ea3649f6ded3d4bb8
a7742b351924c921bb64832f5214d42c5c060ca0
70889a5f2f478130875b9379affcb994cef4b431
bef660cfee205ddc3e22674054f8c1a35b78bcb1
1a74def369cc9e9db2127ca56beeed3b2d3b4f61
Comment 16 Samba QA Contact 2024-11-25 15:10:46 UTC
This bug was referenced in samba v4-21-stable (Release samba-4.21.2):

189e4e8b262701f6cd64c2e1d9b0306e96589a6d
9e35e26e038932733cf6e571c3fefe3387ff9e5f
c0f40a7831362c46e4a12fcb3b46d185cb361040
b56c35c33668f050e993b141bbaf072b64da5a0c
346dab391d6a0382bcdff4acb9a6cef4ca8d8010
cbcd11f2fb232780452882ef5f1116611385b6a8
79d8431c86418eba31d731f291cd39b478256cd2
bea355c23165c5d0435a528d057a3050738dfdef
82ce898457b4d016e820f9acdb9d638dd73837dc
fcbb5243d5a3097b23cfebbd03c199b9b2586464
465bcb605507ce9c0149890c00ed535ad0bdde8f
2553c9aeded9927a87fc39982aedc9da1ef9a6e4
80129a9b07785ff30c36c64e2823bd8482d3d89c
058328859c7fbb84824b561a66819b58b28f842d
5fbb57e0dd5b46bb8f7aaa3fff089f959f3824de
b019eb56d6979cd2183e0bf0a19a57ab1d6ed104
68ade99138d965654608c3720a7bf51de00a5963
8add039c0bc727f70e0647a6b457f2dd563f10bb
a91d040b859c80a41f20ff281335491b04e458ca
5740e9daadc2710562d056ef6db93b0f337182fb
178e654eca1936d88da7c7e1de056ac2fa409e87
f27161ef5397f75f5039ff3f0d5a190cac5d2ae7
aa0e68958ccd2f1b070369498541d694d07487b4
657953d8e48e685b1b1374d9da062e480e449634
f18b49489f13037250fecc6bb1d2b0992f546854
dae81f45a374a457a0a0dee058741cb844dfaa26
4b60c66a9e70a2cad901f4c80382877b99df2c61
27e364a49334a25e89f150a7eb08cb984853f7c8