CVE-2015-5370: libcli/smb: use a max timeout of 1 second in tstream_smbXcli_np_destru...

author Stefan Metzmacher <metze@samba.org>

Wed, 23 Dec 2015 10:05:45 +0000 (11:05 +0100)

committer Stefan Metzmacher <metze@samba.org>

Wed, 30 Mar 2016 02:10:17 +0000 (04:10 +0200)
author Stefan Metzmacher <metze@samba.org>
Wed, 23 Dec 2015 10:05:45 +0000 (11:05 +0100)
committer Stefan Metzmacher <metze@samba.org>
Wed, 30 Mar 2016 02:10:17 +0000 (04:10 +0200)
diff --git a/libcli/smb/tstream_smbXcli_np.c b/libcli/smb/tstream_smbXcli_np.c

index 9cd6302c8c7c4d00709ba6fe010fa8bc5f074599..248bfb02cfc6b1094179b1462e1a7f2010b1da62 100644 (file)
--- a/libcli/smb/tstream_smbXcli_np.c
+++ b/libcli/smb/tstream_smbXcli_np.c
@@ -111,7 +111,11 @@ static int tstream_smbXcli_np_destructor(struct tstream_smbXcli_np *cli_nps)
          * Once we've fixed all callers to call
          * tstream_disconnect_send()/_recv(), this will
          * never be called.
+        *
+        * We use a maximun timeout of 1 second == 1000 msec.
          */
+       cli_nps->timeout = MIN(cli_nps->timeout, 1000);
+
         if (cli_nps->is_smb1) {
                 status = smb1cli_close(cli_nps->conn,
                                        cli_nps->timeout,
author	Stefan Metzmacher <metze@samba.org>
	Wed, 23 Dec 2015 10:05:45 +0000 (11:05 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Wed, 30 Mar 2016 02:10:17 +0000 (04:10 +0200)