The Samba-Bugzilla – Bug 476
nmbd: Error in encoding and comparing NB names.
Last modified: 2004-02-17 08:45:52 UTC
Originally filed as bug ID 28805, but no longer appears in database, what happened?
Synopsis: NetBIOS names with embedded null bytes are improperly truncated.
Samba acting as a WINS server.
DAVE 4.1 client for MacOSX.
tcpdump in progress.
Change the DAVE client WINS address to point to the Samba WINS server. To
verify if the machine is a WINS server DAVE sends
group registration and waits to see if the potential WINS server responds
correctly. Samba replies with a success, but the answers section of the packet
has the name *DAVE_NSCHECK<20><20><ff>. The DAVE client
discards the packet due
to the mismatched name, and eventually reports that the machine is not a WINS
I have a tcpdump of the problem if needed, but don't know how to add
attachments to bug report.
NetBIOS names arriving from the network should be treated as oqaque 16 byte
structures( the RFC1001 makes no requirement that they be null terminated
strings ). A number of 3rd party clients and servers embed binary data into
their NetBIOS names.
Microsoft WINS implementations behave correctly in this scenario.
The Samba code in question:
nmblib.c:put_nmb_name() and nmb_name_equal().
Other areas where strcmp() is being used instead of nmb_name_equal()?
DAVE 4.1 available at www.thursby.com
Created attachment 152 [details]
tcpdump of registration request and response.
Sorry, but the 2.2 is not under development any longer.
If you can reproduce this bug against the latest 3.0 release,
please reopen this bug and change the version in the report.