s3:smbd: don't limit the number of open dptrs for smb2 (bug #8592)

This fixes a crash bug that is triggered, when a client has more than
256 directory handles with searches.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Nov 10 14:08:14 CET 2011 on sn-devel-104

diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c
index 1d90a77b57e393c929f0fcf76f3fe0d77b47a94f..a7dc537074255f9d7280251a092a9c01d4c630b5 100644 (file)
--- a/source3/smbd/dir.c
+++ b/source3/smbd/dir.c
@@ -261,6 +261,10 @@ static void dptr_close_internal(struct dptr_struct *dptr)
                goto done;
        }
 
+       if (sconn->using_smb2) {
+               goto done;
+       }
+
        DLIST_REMOVE(sconn->searches.dirptrs, dptr);
 
        /*
@@ -524,6 +528,10 @@ NTSTATUS dptr_create(connection_struct *conn, files_struct *fsp,
 
        dptr->attr = attr;
 
+       if (sconn->using_smb2) {
+               goto done;
+       }
+
        if(old_handle) {
 
                /*
@@ -594,6 +602,7 @@ NTSTATUS dptr_create(connection_struct *conn, files_struct *fsp,
 
        DLIST_ADD(sconn->searches.dirptrs, dptr);
 
+done:
        DEBUG(3,("creating new dirptr %d for path %s, expect_close = %d\n",
                dptr->dnum,path,expect_close));  
 
@@ -1367,7 +1376,7 @@ static int smb_Dir_destructor(struct smb_Dir *dirp)
 #endif
                SMB_VFS_CLOSEDIR(dirp->conn,dirp->dir);
        }
-       if (dirp->conn->sconn) {
+       if (dirp->conn->sconn && !dirp->conn->sconn->using_smb2) {
                dirp->conn->sconn->searches.dirhandles_open--;
        }
        return 0;
@@ -1398,7 +1407,7 @@ struct smb_Dir *OpenDir(TALLOC_CTX *mem_ctx, connection_struct *conn,
                goto fail;
        }
 
-       if (sconn) {
+       if (sconn && !sconn->using_smb2) {
                sconn->searches.dirhandles_open++;
        }
        talloc_set_destructor(dirp, smb_Dir_destructor);
@@ -1442,7 +1451,7 @@ static struct smb_Dir *OpenDir_fsp(TALLOC_CTX *mem_ctx, connection_struct *conn,
                goto fail;
        }
 
-       if (sconn) {
+       if (sconn && !sconn->using_smb2) {
                sconn->searches.dirhandles_open++;
        }
        talloc_set_destructor(dirp, smb_Dir_destructor);