s4:smb2srv: don't allow the related flag on the first request in a compounded chain
authorStefan Metzmacher <metze@samba.org>
Tue, 9 Jun 2009 17:32:30 +0000 (19:32 +0200)
committerStefan Metzmacher <metze@samba.org>
Tue, 9 Jun 2009 17:33:46 +0000 (19:33 +0200)
metze

source4/smb_server/smb2/receive.c

index 16f888b0a6e139241751b1bea51df001253d0083..5ac01dcb7c9f2740e4b3b0e8367771c14edb4ae5 100644 (file)
@@ -470,6 +470,7 @@ NTSTATUS smbsrv_recv_smb2_request(void *private_data, DATA_BLOB blob)
        uint32_t protocol_version;
        uint16_t buffer_code;
        uint32_t dynamic_size;
+       uint32_t flags;
 
        smb_conn->statistics.last_request_time = cur_time;
 
@@ -543,6 +544,12 @@ NTSTATUS smbsrv_recv_smb2_request(void *private_data, DATA_BLOB blob)
         *       - make sure it's a request
         */
 
+       flags = IVAL(req->in.hdr, SMB2_HDR_FLAGS);
+       /* the first request should never have the related flag set */
+       if (flags & SMB2_HDR_FLAG_CHAINED) {
+               req->chain_status = NT_STATUS_INVALID_PARAMETER;
+       }
+
        return smb2srv_reply(req);
 }
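Review bot: Setting `req->chain_status` only records the error; the request is still handed to `smb2srv_reply(req)`, so the rejection holds only if that function checks `chain_status` before dispatching on the opcode, which this hunk does not show. A comment at the assignment would make that dependency explicit, for example `/* smb2srv_reply() must fail the request from req->chain_status before any opcode handler runs */`. The context comment just above still lists "make sure it's a request" as open, and now that `flags` is read here the response bit in the same word could be rejected in the same place. The code comment says "related" while the constant is `SMB2_HDR_FLAG_CHAINED`; naming both in the comment would help readers match it against the protocol documentation. The body of `smbsrv_recv_smb2_request` starts outside this hunk, so earlier validation is not visible here.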