summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2003-09-17 19:36:53 +0000
committerJeremy Allison <jra@samba.org>2003-09-17 19:36:53 +0000
commit53185ba285991b24d88f5b3c6c4e9e0eed1c1431 (patch)
tree0408912733f1740489c19d220ec56c872013bb8d
parent9dab796ed56ffea2e373df5be1ec17a77f600285 (diff)
downloadsamba-53185ba285991b24d88f5b3c6c4e9e0eed1c1431.tar.gz
samba-53185ba285991b24d88f5b3c6c4e9e0eed1c1431.tar.bz2
samba-53185ba285991b24d88f5b3c6c4e9e0eed1c1431.zip
Fix coredump from Samba4 torture suite.
Jeremy. (This used to be commit 640bc276ba3d1ab83cd8994bddd64fd745f75101)
-rw-r--r--source3/smbd/files.c2
-rw-r--r--source3/smbd/nttrans.c3
2 files changed, 5 insertions, 0 deletions
diff --git a/source3/smbd/files.c b/source3/smbd/files.c
index 1fe6f250e5..80544c9a30 100644
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -405,6 +405,8 @@ files_struct *file_fsp(char *buf, int where)
if (chain_fsp)
return chain_fsp;
+ if (!buf)
+ return NULL;
fnum = SVAL(buf, where);
for (fsp=Files;fsp;fsp=fsp->next, count++) {
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index f8bd3ae15f..1c50744947 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1472,6 +1472,9 @@ static int call_nt_transact_notify_change(connection_struct *conn, char *inbuf,
files_struct *fsp;
uint32 flags;
+ if(setup_count < 6)
+ return ERROR_DOS(ERRDOS,ERRbadfunc);
+
fsp = file_fsp(setup,4);
flags = IVAL(setup, 0);