From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 9 Jun 2009 17:32:30 +0000 (+0200)
Subject: s4:smb2srv: don't allow the related flag on the first request in a compounded chain
X-Git-Url: http://git.samba.org/?a=commitdiff_plain;h=8d9588390822745ad43f0df82b29704234c760b9;p=metze%2Fsamba%2Fwip.git

s4:smb2srv: don't allow the related flag on the first request in a compounded chain

metze
---

diff --git a/source4/smb_server/smb2/receive.c b/source4/smb_server/smb2/receive.c
index 16f888b0a6e1..5ac01dcb7c9f 100644
--- a/source4/smb_server/smb2/receive.c
+++ b/source4/smb_server/smb2/receive.c
@@ -470,6 +470,7 @@ NTSTATUS smbsrv_recv_smb2_request(void *private_data, DATA_BLOB blob)
 	uint32_t protocol_version;
 	uint16_t buffer_code;
 	uint32_t dynamic_size;
+	uint32_t flags;
 
 	smb_conn->statistics.last_request_time = cur_time;
 
@@ -543,6 +544,12 @@ NTSTATUS smbsrv_recv_smb2_request(void *private_data, DATA_BLOB blob)
 	 *       - make sure it's a request
 	 */
 
+	flags = IVAL(req->in.hdr, SMB2_HDR_FLAGS);
+	/* the first request should never have the related flag set */
+	if (flags & SMB2_HDR_FLAG_CHAINED) {
+		req->chain_status = NT_STATUS_INVALID_PARAMETER;
+	}
+
 	return smb2srv_reply(req);
 }