Bug 6706 - Samba4 fails to parse correctly field CSDVersion of osVersionInfoEx
Status: RESOLVED FIXED
Product: Samba 4.0
Classification: Unclassified
Component: DCE-RPCs and pipes
Version: unspecified
Hardware: Other Linux
Importance: P3 critical
Assigned To: Andrew Bartlett
QA Contact: Matthias Dieter Wallnöfer
Reported: 2009-09-10 08:29 UTC by Matthieu Patou
Modified: 2009-09-11 12:22 UTC (History)
Attachments
hex dump of the osVersionInfoEx field (1.28 KB, text/plain)
2009-09-10 08:31 UTC, Matthieu Patou
Binary version of the previous attachment (284 bytes, application/octet-stream)
2009-09-10 08:31 UTC, Matthieu Patou
Patch for changing the parsing. (1.32 KB, patch)
2009-09-11 11:27 UTC, Matthieu Patou

Description Matthieu Patou 2009-09-10 08:29:56 UTC
In the getDomainInfo RPC I get the following error from time to time:
[Thu Sep 10 10:11:53 2009 MSD, 0 ../lib/util/charset/charcnv.c:216:iconv_talloc()]
Conversion error: Illegal multibyte sequence(<E4><U+077A>^A|<EF><BA>^A)

Due to this parsing error when receiving the getDomainInfo RPC call, the server is unable to respond to the client with a valid answer.

The problem is due to the fact that the field not only contains valid UTF-16 but also
garbage after a couple of null bytes. This structure is explained here:
http://archives.free.net.ph/message/20090724.132235.e7e10bb0.en.html


0154 TCHAR szCSDVersion[128] "Service Pack 2\0"
0170 TCHAR szCSDVersion[...] (ignore; recycled memory) 

But the utf8_push function (called by smb_iconv) is trying to parse the whole string content as UTF-16, and sometimes it fails (cf. attachment 1) because the random part can contain illegal UTF-16 sequences.
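The failure mode described above, as an added example (not the patch attached to this bug and not Samba code): a fixed-size UTF-16LE field is cut at its first 16-bit NUL before validation, so the recycled bytes after the terminator are never decoded. The function names and the sample buffer are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CSD_BYTES (128 * 2)   /* TCHAR szCSDVersion[128] as UTF-16LE */

/* Bytes before the first 16-bit NUL, never reading past buf_bytes. */
size_t utf16le_terminated_len(const uint8_t *buf, size_t buf_bytes)
{
    size_t i;
    for (i = 0; i + 1 < buf_bytes; i += 2)
        if (buf[i] == 0 && buf[i + 1] == 0)
            return i;
    return buf_bytes & ~(size_t)1;   /* no terminator found */
}

/* 1 if nbytes of UTF-16LE are well formed (every surrogate is paired). */
int utf16le_is_valid(const uint8_t *buf, size_t nbytes)
{
    size_t i;
    if (nbytes % 2) return 0;
    for (i = 0; i < nbytes; i += 2) {
        unsigned u = buf[i] | (buf[i + 1] << 8);
        if (u >= 0xDC00 && u <= 0xDFFF) return 0;   /* lone low surrogate */
        if (u >= 0xD800 && u <= 0xDBFF) {           /* high: needs a low next */
            if (i + 3 >= nbytes || (buf[i + 3] & 0xFC) != 0xDC) return 0;
            i += 2;
        }
    }
    return 1;
}

/* Constructed sample: "Service Pack 2", NUL, then stale bytes with a lone surrogate. */
void make_sample(uint8_t out[CSD_BYTES])
{
    const char *sp = "Service Pack 2";
    size_t i, n = strlen(sp);
    memset(out, 0xEF, CSD_BYTES);                   /* stand-in for recycled memory */
    for (i = 0; i < n; i++) { out[2 * i] = (uint8_t)sp[i]; out[2 * i + 1] = 0; }
    out[2 * n] = out[2 * n + 1] = 0;                /* terminator */
    out[2 * n + 2] = 0x00; out[2 * n + 3] = 0xDC;   /* U+DC00, unpaired */
}

int main(void)
{
    uint8_t buf[CSD_BYTES];
    make_sample(buf);
    size_t n = utf16le_terminated_len(buf, CSD_BYTES);
    printf("whole=%d prefix(%zu bytes)=%d\n", utf16le_is_valid(buf, CSD_BYTES), n, utf16le_is_valid(buf, n));
    return 0;
}
```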
Comment 1 Matthieu Patou 2009-09-10 08:31:08 UTC
Created attachment 4677
hex dump of the osVersionInfoEx field
Comment 2 Matthieu Patou 2009-09-10 08:31:58 UTC
Created attachment 4678
Binary version of the previous attachment
Comment 3 Matthieu Patou 2009-09-11 11:27:52 UTC
Created attachment 4683
Patch for changing the parsing.
Comment 4 Matthias Dieter Wallnöfer 2009-09-11 12:22:05 UTC
Fixed. Thanks for the investigation!