Bug 3984 - rpcclient netshareenum 502
Summary: rpcclient netshareenum 502
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Client Tools (show other bugs)
Version: 3.0.23a
Hardware: x86 Linux
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL: http://www.webwombat.com.au/
Keywords:
Depends on:
Blocks:
 
Reported: 2006-08-02 01:34 UTC by Phill Bertolus
Modified: 2009-04-02 16:38 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Phill Bertolus 2006-08-02 01:34:45 UTC
The password field contains an invalid size. The print statement cause a segfault because the size of the password text can be gigabytes.

Here is the patch to fix it (by blindly commenting out the offending line).

diff -uNr samba-3.0.22.orig/source/rpcclient/cmd_srvsvc.c samba-3.0.22/source/rpcclient/cmd_srvsvc.c
--- samba-3.0.22.orig/source/rpcclient/cmd_srvsvc.c     2006-01-24 23:46:31.000000000 +0000
+++ samba-3.0.22/source/rpcclient/cmd_srvsvc.c  2006-06-22 14:39:33.000000000 +0000
@@ -253,7 +253,9 @@
        rpcstr_pull_unistr2_fstring(netname, &info502->info_502_str.uni_netname);
        rpcstr_pull_unistr2_fstring(remark, &info502->info_502_str.uni_remark);
        rpcstr_pull_unistr2_fstring(path, &info502->info_502_str.uni_path);
+/*
        rpcstr_pull_unistr2_fstring(passwd, &info502->info_502_str.uni_passwd);
+*/

        printf("netname: %s\n", netname);
        printf("\tremark:\t%s\n", remark);

Best Regards
Phill.
Comment 1 Volker Lendecke 2006-08-02 05:12:27 UTC
Tried it, works for me. What server are you using? Can you show us a sniff?

Thanks,

Volker
Comment 2 Phill Bertolus 2006-08-02 08:08:36 UTC
Hi Volker,

This has happened on about 5 large networks now. AD Native mode 5000+ users - win2k Win2k03 servers (lots of them 180 is the largest). Intermittent. Sometimes the data is 0 bytes in length (sounds like your case) othertime it's trash resulting in SEGV. I've *never* seen a password (Upwards of 20 installs on various networks now - none of which where small home types).

This field seems obsolete?

Don't know how to do a sniff? Will try though. I've tried with debug turned up very high and it just seems to confirm that the password data is invalid (or at least not what the code thinks it is).

Cheers
Phill.
Comment 3 Guenther Deschner 2009-04-02 16:38:39 UTC
This should be long resolved since Samba 3.2. Please reopen if still an issue.