authorStefan Metzmacher <metze@samba.org>2010-01-28 18:52:46 +0100
committerStefan Metzmacher <metze@samba.org>2010-01-29 15:55:10 +0100
commitc50a17cc8d6bc23f03c3d44ceccebce06417ba21 (patch)
tree90f8b3db65a0925afb65b0d2903cfbe256a233b8
parenta20b43f23f2254edb1fcd6d3916dd57e6a4778ee (diff)
libcli/nbt: fix ndr_pull/push_wrepl_nbt_name()
[MS-WINSRA] — v20091104 was wrong regarding section "2.2.10.1 Name Record". If the name buffer is already 4-byte aligned, Windows (at least 2003 SP1 and 2008) adds 4 extra bytes. This can happen when the name has a scope. metze
-rw-r--r--libcli/nbt/nbtname.c25
1 files changed, 25 insertions, 0 deletions
diff --git a/libcli/nbt/nbtname.c b/libcli/nbt/nbtname.c
index 338cb21089..1650ff96ae 100644
--- a/libcli/nbt/nbtname.c
+++ b/libcli/nbt/nbtname.c
@@ -517,6 +517,19 @@ _PUBLIC_ enum ndr_err_code ndr_pull_wrepl_nbt_name(struct ndr_pull *ndr, int ndr
NDR_PULL_ALLOC_N(ndr, namebuf, namebuf_len);
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, namebuf, namebuf_len));
+ if ((namebuf_len % 4) == 0) {
+ /*
+ * [MS-WINSRA] — v20091104 was wrong
+ * regarding section "2.2.10.1 Name Record"
+ *
+ * If the name buffer is already 4 byte aligned
+ * Windows (at least 2003 SP1 and 2008) add 4 extra
+ * bytes. This can happen when the name has a scope.
+ */
+ uint32_t pad;
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &pad));
+ }
+
NDR_PULL_ALLOC(ndr, r);
/* oh wow, what a nasty bug in windows ... */
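Review bot: The extra word is consumed with `ndr_pull_uint32(ndr, NDR_SCALARS, &pad)` and `pad` is then dropped, whereas the push side writes four raw zero bytes with `ndr_push_zero(ndr, 4)`. The two are symmetric only if the pull offset is already 4-byte aligned at this point or alignment is disabled by flags set outside this hunk, because a uint32 pull may first skip alignment bytes. Since this path parses data from a replication partner, I would skip exactly four bytes instead, e.g. `NDR_CHECK(ndr_pull_advance(ndr, 4));`, which also removes the unused local. If the uint32 pull stays, a comment such as `/* value intentionally ignored, content not validated */` would make the leniency explicit. The function body starts and ends outside the hunk.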
@@ -615,6 +628,18 @@ _PUBLIC_ enum ndr_err_code ndr_push_wrepl_nbt_name(struct ndr_push *ndr, int ndr
NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, namebuf_len));
NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, namebuf, namebuf_len));
+ if ((namebuf_len % 4) == 0) {
+ /*
+ * [MS-WINSRA] — v20091104 was wrong
+ * regarding section "2.2.10.1 Name Record"
+ *
+ * If the name buffer is already 4 byte aligned
+ * Windows (at least 2003 SP1 and 2008) add 4 extra
+ * bytes. This can happen when the name has a scope.
+ */
+ NDR_CHECK(ndr_push_zero(ndr, 4));
+ }
+
talloc_free(namebuf);
return NDR_ERR_SUCCESS;
}
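Review bot: The condition `(namebuf_len % 4) == 0` and its eight-line comment are copied verbatim from the pull function, and nothing ties the two copies together. If one side is changed later, the codec stops round-tripping scoped names without any compile-time or test signal. I would add a cross-reference in each copy, e.g. `/* must stay in sync with ndr_pull_wrepl_nbt_name() */`, or move the predicate into a small static helper used by both. A push-then-pull test with a scoped name whose encoded length is a multiple of four would pin the behaviour; none is visible in this commit. The function starts outside the hunk.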