git.samba.org / obnox / samba / samba-obnox.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0e8d33f)
libcli/smb: fix BUFFER_OVERFLOW handling in tstream_smbXcli_np
authorStefan Metzmacher <metze@samba.org>
Fri, 27 Nov 2015 17:19:38 +0000 (18:19 +0100)
committerJeremy Allison <jra@samba.org>
Tue, 1 Dec 2015 02:42:51 +0000 (03:42 +0100)
The special error is not NT_STATUS_BUFFER_TOO_SMALL, but STATUS_BUFFER_OVERFLOW.

Tested using TSTREAM_SMBXCLI_NP_MAX_BUF_SIZE == 20 and running
the following commands against a Windows 2012R2 server:

bin/smbtorture ncacn_np:SERVER[] rpc.lsa-getuser
bin/smbtorture ncacn_np:SERVER[smb2] rpc.lsa-getuser

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec  1 03:42:52 CET 2015 on sn-devel-104

libcli/smb/tstream_smbXcli_np.c patch | blob | history

diff --git a/libcli/smb/tstream_smbXcli_np.c b/libcli/smb/tstream_smbXcli_np.c
index 9cd6302c8c7c4d00709ba6fe010fa8bc5f074599..af0863e50bb65593450cdca095a6fa7c2e3e3157 100644 (file)
--- a/libcli/smb/tstream_smbXcli_np.c
+++ b/libcli/smb/tstream_smbXcli_np.c
@@ -976,7 +976,14 @@ static void tstream_smbXcli_np_readv_trans_done(struct tevent_req *subreq)
                received = out_output_buffer.length;
        }
        TALLOC_FREE(subreq);
-       if (NT_STATUS_EQUAL(status, NT_STATUS_BUFFER_TOO_SMALL)) {
+       if (NT_STATUS_EQUAL(status, STATUS_BUFFER_OVERFLOW)) {
+               /*
+                * STATUS_BUFFER_OVERFLOW means that there's
+                * more data to read when the named pipe is used
+                * in message mode (which is the case here).
+                *
+                * But we hide this from the caller.
+                */
                status = NT_STATUS_OK;
        }
        if (!NT_STATUS_IS_OK(status)) {
@@ -1052,9 +1059,9 @@ static void tstream_smbXcli_np_readv_read_done(struct tevent_req *subreq)
         * We can't TALLOC_FREE(subreq) as usual here, as rcvbuf still is a
         * child of that.
         */
-       if (NT_STATUS_EQUAL(status, NT_STATUS_BUFFER_TOO_SMALL)) {
+       if (NT_STATUS_EQUAL(status, STATUS_BUFFER_OVERFLOW)) {
                /*
-                * NT_STATUS_BUFFER_TOO_SMALL means that there's
+                * STATUS_BUFFER_OVERFLOW means that there's
                 * more data to read when the named pipe is used
                 * in message mode (which is the case here).
                 *
Michael's Samba GIT