tcon,
session,
state->fixed, sizeof(state->fixed),
- NULL, 0);
+ NULL, 0, /* dyn* */
+ 0); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
size_t blobs_offset;
uint8_t *dyn;
size_t dyn_len;
+ size_t max_dyn_len;
req = tevent_req_create(mem_ctx, &state,
struct smb2cli_create_state);
data_blob_free(&blob);
}
+ /*
+ * We use max_dyn_len = 0
+ * as we don't explicitly ask for any output length.
+ *
+ * But it's still possible for the server to return
+ * large create blobs.
+ */
+ max_dyn_len = 0;
+
subreq = smb2cli_req_send(state, ev, conn, SMB2_OP_CREATE,
0, 0, /* flags */
timeout_msec,
tcon,
session,
state->fixed, sizeof(state->fixed),
- dyn, dyn_len);
+ dyn, dyn_len,
+ max_dyn_len);
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
NULL, /* tcon */
NULL, /* session */
state->fixed, sizeof(state->fixed),
- NULL, 0);
+ NULL, 0, /* dyn* */
+ 0); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
tcon,
session,
state->fixed, sizeof(state->fixed),
- NULL, 0);
+ NULL, 0, /* dyn* */
+ 0); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
uint32_t output_buffer_offset = 0;
uint32_t output_buffer_length = 0;
uint32_t pad_length = 0;
+ uint64_t tmp64;
+ uint32_t max_dyn_len = 0;
req = tevent_req_create(mem_ctx, &state,
struct smb2cli_ioctl_state);
state->max_input_length = in_max_input_length;
state->max_output_length = in_max_output_length;
+ tmp64 = in_max_input_length;
+ tmp64 += in_max_output_length;
+ if (tmp64 > UINT32_MAX) {
+ max_dyn_len = UINT32_MAX;
+ } else {
+ max_dyn_len = tmp64;
+ }
+
if (in_input_buffer) {
input_buffer_offset = SMB2_HDR_BODY+0x38;
input_buffer_length = in_input_buffer->length;
tcon,
session,
state->fixed, sizeof(state->fixed),
- dyn, dyn_len);
+ dyn, dyn_len,
+ max_dyn_len);
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
tcon,
session,
state->fixed, sizeof(state->fixed),
- dyn, dyn_len);
+ dyn, dyn_len,
+ outbuf_len); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
tcon,
session,
state->fixed, sizeof(state->fixed),
- dyn, dyn_len);
+ dyn, dyn_len,
+ in_max_output_length); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
tcon,
session,
state->fixed, sizeof(state->fixed),
- state->dyn_pad, sizeof(state->dyn_pad));
+ state->dyn_pad, sizeof(state->dyn_pad),
+ length); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
NULL, /* tcon */
session,
state->fixed, sizeof(state->fixed),
- dyn, dyn_len);
+ dyn, dyn_len,
+ UINT16_MAX); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
NULL, /* tcon */
session,
state->fixed, sizeof(state->fixed),
- NULL, 0);
+ NULL, 0, /* dyn* */
+ 0); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
tcon,
session,
state->fixed, sizeof(state->fixed),
- dyn, dyn_len);
+ dyn, dyn_len,
+ 0); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
tcon,
session,
state->fixed, sizeof(state->fixed),
- dyn, dyn_len);
+ dyn, dyn_len,
+ 0); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
const uint8_t *fixed,
uint16_t fixed_len,
const uint8_t *dyn,
- uint32_t dyn_len)
+ uint32_t dyn_len,
+ uint32_t max_dyn_len)
{
struct tevent_req *req;
NTSTATUS status;
- uint32_t max_dyn_len = 0;
req = smb2cli_req_create(mem_ctx, ev, conn, cmd,
additional_flags, clear_flags,
state->timeout_msec,
NULL, NULL, /* tcon, session */
state->smb2.fixed, sizeof(state->smb2.fixed),
- state->smb2.dyn, dialect_count*2);
+ state->smb2.dyn, dialect_count*2,
+ UINT16_MAX); /* max_dyn_len */
}
static void smbXcli_negprot_smb2_done(struct tevent_req *subreq)
const uint8_t *fixed,
uint16_t fixed_len,
const uint8_t *dyn,
- uint32_t dyn_len);
+ uint32_t dyn_len,
+ uint32_t max_dyn_len);
NTSTATUS smb2cli_req_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
struct iovec **piov,
const struct smb2cli_req_expected_response *expected,
NULL, /* tcon */
cli->smb2.session,
state->fixed, sizeof(state->fixed),
- dyn, dyn_len);
+ dyn, dyn_len,
+ 0); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
cli->smb2.tcon,
cli->smb2.session,
state->fixed, sizeof(state->fixed),
- NULL, 0);
+ NULL, 0, /* dyn* */
+ 0); /* max_dyn_len */
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
NULL, /* body */
0, /* body_fixed */
NULL, /* dyn */
- 0); /* dyn_len */
+ 0, /* dyn_len */
+ 0); /* max_dyn_len */
if (subreq != NULL) {
smbXcli_req_set_pending(subreq);
tevent_req_set_callback(subreq,
tcon,
session,
body.data, body.length,
- dyn.data, dyn.length);
+ dyn.data, dyn.length,
+ 0); /* max_dyn_len */
if (req->subreq == NULL) {
req->state = SMB2_REQUEST_ERROR;
req->status = NT_STATUS_NO_MEMORY;
NULL, /* body */
0, /* body_fixed */
NULL, /* dyn */
- 0); /* dyn_len */
+ 0, /* dyn_len */
+ 0); /* max_dyn_len */
if (subreq != NULL) {
smbXcli_req_set_pending(subreq);
tevent_req_set_callback(subreq,
git.samba.org / mat / samba.git / commitdiff