libcli/nbt: fix off-by-one bug in ndr_pull_wrepl_nbt_name()

author Stefan Metzmacher <metze@samba.org>

Thu, 28 Jan 2010 17:58:23 +0000 (18:58 +0100)

committer Stefan Metzmacher <metze@samba.org>

Fri, 29 Jan 2010 14:55:11 +0000 (15:55 +0100)
author Stefan Metzmacher <metze@samba.org>
Thu, 28 Jan 2010 17:58:23 +0000 (18:58 +0100)
committer Stefan Metzmacher <metze@samba.org>
Fri, 29 Jan 2010 14:55:11 +0000 (15:55 +0100)
diff --git a/libcli/nbt/nbtname.c b/libcli/nbt/nbtname.c

index 1650ff96aecabcbadb8f5f241736ac64499513ca..792b340618e73c6df3318553e424c3db674cc968 100644 (file)
--- a/libcli/nbt/nbtname.c
+++ b/libcli/nbt/nbtname.c
@@ -558,8 +558,8 @@ _PUBLIC_ enum ndr_err_code ndr_pull_wrepl_nbt_name(struct ndr_pull *ndr, int ndr
         r->name = talloc_strdup(r, (char *)namebuf);
         if (!r->name) return ndr_pull_error(ndr, NDR_ERR_ALLOC, "out of memory");
  
-       if (namebuf_len > 18) {
-               r->scope = talloc_strndup(r, (char *)(namebuf+17), namebuf_len-17);
+       if (namebuf_len > 17) {
+               r->scope = talloc_strndup(r, (char *)(namebuf+16), namebuf_len-17);
                 if (!r->scope) return ndr_pull_error(ndr, NDR_ERR_ALLOC, "out of memory");
         } else {
                 r->scope = NULL;
author	Stefan Metzmacher <metze@samba.org>
	Thu, 28 Jan 2010 17:58:23 +0000 (18:58 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Fri, 29 Jan 2010 14:55:11 +0000 (15:55 +0100)