summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2007-12-05 16:56:19 -0800
committerJeremy Allison <jra@samba.org>2007-12-05 16:56:19 -0800
commit8ab33fc33593d829258990b208c4636e3fe321e0 (patch)
tree4338cccc12c8de62eb17b2ee064d0011b4889e4f
parentc436c5aa0f27b72d392772cfd4dbdbc5a1e591e5 (diff)
downloadsamba-8ab33fc33593d829258990b208c4636e3fe321e0.tar.gz
samba-8ab33fc33593d829258990b208c4636e3fe321e0.tar.bz2
samba-8ab33fc33593d829258990b208c4636e3fe321e0.zip
Fix path length limits on cli_list (outgoing. Incoming
will be fixed with pstring elimination). Jeremy. (This used to be commit cd43b93d405bf892d1d8941b2d1e64d7d53adf69)
-rw-r--r--source3/libsmb/clilist.c21
1 files changed, 16 insertions, 5 deletions
diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c
index 64cb3e8fe3..284538541a 100644
--- a/source3/libsmb/clilist.c
+++ b/source3/libsmb/clilist.c
@@ -218,7 +218,7 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute,
char *rparam=NULL, *rdata=NULL;
unsigned int param_len, data_len;
uint16 setup;
- char param[1024];
+ char *param;
const char *mnt;
uint32 resume_key = 0;
DATA_BLOB last_name_raw = data_blob(NULL, 0);
@@ -232,12 +232,19 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute,
}
while (ff_eos == 0) {
+ size_t nlen = 2*(strlen(mask)+1);
+
loop_count++;
if (loop_count > 200) {
DEBUG(0,("Error: Looping in FIND_NEXT??\n"));
break;
}
+ param = SMB_MALLOC(12+nlen+last_name_raw.length+2);
+ if (!param) {
+ break;
+ }
+
if (First) {
setup = TRANSACT2_FINDFIRST;
SSVAL(param,0,attribute); /* attribute */
@@ -246,8 +253,8 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute,
SSVAL(param,6,info_level);
SIVAL(param,8,0);
p = param+12;
- p += clistr_push(cli, param+12, mask, sizeof(param)-12,
- STR_TERMINATE);
+ p += clistr_push(cli, param+12, mask,
+ nlen, STR_TERMINATE);
} else {
setup = TRANSACT2_FINDNEXT;
SSVAL(param,0,ff_dir_handle);
@@ -260,11 +267,12 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute,
can miss filenames. Use last filename continue instead. JRA */
SSVAL(param,10,(FLAG_TRANS2_FIND_REQUIRE_RESUME|FLAG_TRANS2_FIND_CLOSE_IF_END)); /* resume required + close on end */
p = param+12;
- if (last_name_raw.length && (last_name_raw.length < (sizeof(param)-12))) {
+ if (last_name_raw.length) {
memcpy(p, last_name_raw.data, last_name_raw.length);
p += last_name_raw.length;
} else {
- p += clistr_push(cli, param+12, mask, sizeof(param)-12, STR_TERMINATE);
+ p += clistr_push(cli, param+12, mask,
+ nlen, STR_TERMINATE);
}
}
@@ -283,9 +291,12 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute,
cli->max_xmit /* data, length, max. */
#endif
)) {
+ SAFE_FREE(param);
break;
}
+ SAFE_FREE(param);
+
if (!cli_receive_trans(cli, SMBtrans2,
&rparam, &param_len,
&rdata, &data_len) &&