The Samba-Bugzilla – Bug 4046
read_andX batch problem
Last modified: 2006-08-27 21:14:47 UTC
Version: smaba-3.0.22, OS: ubuntu
When batching some other smb commands to the read_and_x command, such as close, we got error message by inspecting the log of smbd as follows:
[2006/08/24 15:14:29, 2] smbd/process.c:switch_message(974)
Non-SMB packet of length 64. Terminating server
We think the problem maybe inside the source tree, namely "source/smbd/process.c" line 1338:
outsize2 = switch_message(smb_com2,inbuf2,outbuf2,size-chain_size,bufsize-chain_size);
We found the fourth parameter in the above procedure call "size-chain_size" is always smaller than "smb_size - 4", so the checking in smbd/process.c:972
if ((strncmp(smb_base(inbuf),"\377SMB",4) != 0) || (size < (smb_size - 4)))
will return false. Therefore, the successive andx-batch message(s) will not be processed.
We think that maybe a problem.
Can you attach an ethereal trace showing this please.
Created attachment 2105 [details]
four ethereal logs attached about readX batch problem.
You can see the different reponses after the openX command.
When I send out readX-close command as usuall, I just get the FIN response in readclose_error log.But when I add some padding to strength the packet, I can get the right response in readclose_ok log.
Also you can see the same result from the other two logs. But those are more funny, when I add some padding to the readX-echo command packet, I can just get the echo reponse rightly, and then get an unreassabled readX response.
I think samba3.0.22 source code maybe not check about the andX command batching.
Thanks for the sniffs. Just curious -- what client are you using?
I just wrote the simple tools myself that can send out packets as I like.
We wrote the simpel tools that can send out packets as I like.