- time_t last_timeout_processing_time = time(NULL);
- unsigned int num_smbs = 0;
- size_t unread_bytes = 0;
-
- max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
-
- while (True) {
- int select_timeout = setup_select_timeout();
- int num_echos;
- char *inbuf = NULL;
- size_t inbuf_len = 0;
- bool encrypted = false;
- TALLOC_CTX *frame = talloc_stackframe_pool(8192);
-
- errno = 0;
-
- /* Did someone ask for immediate checks on things like blocking locks ? */
- if (select_timeout == 0) {
- timeout_processing(&select_timeout,
- &last_timeout_processing_time);
- num_smbs = 0; /* Reset smb counter. */
- }
-
- run_events(smbd_event_context(), 0, NULL, NULL);
-
- while (True) {
- NTSTATUS status;
-
- status = receive_message_or_smb(
- talloc_tos(), &inbuf, &inbuf_len,
- select_timeout, &unread_bytes, &encrypted);
-
- if (NT_STATUS_IS_OK(status)) {
- break;
- }
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
- timeout_processing(
- &select_timeout,
- &last_timeout_processing_time);
- continue;
- }
-
- DEBUG(3, ("receive_message_or_smb failed: %s, "
- "exiting\n", nt_errstr(status)));
- return;
-
- num_smbs = 0; /* Reset smb counter. */
- }
+ /*
+ * Before the first packet, check the global hosts allow/ hosts deny
+ * parameters before doing any parsing of packets passed to us by the
+ * client. This prevents attacks on our parsing code from hosts not in
+ * the hosts allow list.
+ */