diff options
author | Jean-François Micouleau <jfm@samba.org> | 2000-07-26 09:40:49 +0000 |
---|---|---|
committer | Jean-François Micouleau <jfm@samba.org> | 2000-07-26 09:40:49 +0000 |
commit | 1e3a5503cd27109e3b79da9d1115ef80317e6849 (patch) | |
tree | c11a9d15ebe87b069116a1e7bd8feb56e50f8175 | |
parent | 18db0514fddf15c9aa5eeefa18891bbf3e0637f5 (diff) | |
download | samba-1e3a5503cd27109e3b79da9d1115ef80317e6849.tar.gz samba-1e3a5503cd27109e3b79da9d1115ef80317e6849.tar.bz2 samba-1e3a5503cd27109e3b79da9d1115ef80317e6849.zip |
Found out that we are crashing spoolss in enumprinterdata.
So fixed enumprinterdatas in rpcclient to debug the server code,
and found that the parsing code was missing 2 prs_align().
We are not crashing NT anymore. :-)
J.F.
(This used to be commit 883f7402d495182aeff85152216cc8b3cfc18bef)
-rw-r--r-- | source3/rpc_client/cli_spoolss.c | 4 | ||||
-rw-r--r-- | source3/rpc_client/msrpc_spoolss.c | 29 | ||||
-rw-r--r-- | source3/rpc_parse/parse_spoolss.c | 9 | ||||
-rw-r--r-- | source3/rpcclient/cmd_spoolss.c | 4 |
4 files changed, 32 insertions, 14 deletions
diff --git a/source3/rpc_client/cli_spoolss.c b/source3/rpc_client/cli_spoolss.c index d6156bf4ac..3e12454cb2 100644 --- a/source3/rpc_client/cli_spoolss.c +++ b/source3/rpc_client/cli_spoolss.c @@ -298,9 +298,9 @@ uint32 spoolss_enum_printerdata(const POLICY_HND *hnd, uint32 idx, prs_init(&buf , MAX_PDU_FRAG_LEN, 4, MARSHALL); prs_init(&rbuf, 0, 4, UNMARSHALL); - /* create and send a MSRPC command with api SPOOLSS_ENUMJOBS */ + /* create and send a MSRPC command with api SPOOLSS_ENUMPRINTERDATA*/ - DEBUG(5,("SPOOLSS Enum Printer data)\n")); + DEBUG(4,("SPOOLSS Enum Printer data\n")); make_spoolss_q_enumprinterdata(&q_o, hnd, idx, *valuelen, *datalen); diff --git a/source3/rpc_client/msrpc_spoolss.c b/source3/rpc_client/msrpc_spoolss.c index 72ca7ee5c0..3540ebbafc 100644 --- a/source3/rpc_client/msrpc_spoolss.c +++ b/source3/rpc_client/msrpc_spoolss.c @@ -444,21 +444,30 @@ BOOL msrpc_spoolss_enum_printerdata( const char* printer_name, uint32 datalen; uint8 *data; uint32 rdatalen; + uint32 maxvaluelen; + uint32 maxdatalen; DEBUG(4,("spoolenum_printerdata - printer: %s\n", printer_name)); if(!spoolss_open_printer_ex( printer_name, 0, 0, station, user_name, &hnd)) return False; - /* FIXME!!!! --jerry - something is severly buggy about the use of - data, datalen, value, & valuelen */ - status = spoolss_enum_printerdata(&hnd, 0, &valuelen, value, + + idx=0; + valuelen=0; + rvaluelen=0; + type=0; + datalen=0; + rdatalen=0; + + status = spoolss_enum_printerdata(&hnd, idx, &valuelen, value, &rvaluelen, &type, &datalen, data, &rdatalen); - valuelen=rvaluelen; - datalen=rdatalen; + DEBUG(4,("spoolenum_printerdata - got size: biggest value:[%d], biggest data:[%d]\n", rvaluelen, rdatalen)); + + maxvaluelen=valuelen=rvaluelen; + maxdatalen=datalen=rdatalen; value=(uint16 *)malloc(valuelen*sizeof(uint16)); data=(uint8 *)malloc(datalen*sizeof(uint8)); @@ -467,6 +476,8 @@ BOOL msrpc_spoolss_enum_printerdata( const char* printer_name, value, rvaluelen, type, datalen, data, rdatalen); do { + valuelen=maxvaluelen; + datalen=maxdatalen; status = spoolss_enum_printerdata(&hnd, idx, &valuelen, value, &rvaluelen, &type, @@ -507,16 +518,16 @@ BOOL msrpc_spoolss_getprinter( const char* printer_name, const uint32 level, POLICY_HND hnd; uint32 status=0; NEW_BUFFER buffer; - uint32 needed; + uint32 needed=1000; DEBUG(4,("spoolenum_getprinter - printer: %s\n", printer_name)); if(!spoolss_open_printer_ex( printer_name, "", PRINTER_ALL_ACCESS, station, user_name, &hnd)) return False; - init_buffer(&buffer, 0); + init_buffer(&buffer, needed); - status = spoolss_getprinter(&hnd, level, &buffer, 0, &needed); + status = spoolss_getprinter(&hnd, level, &buffer, needed, &needed); if (status==ERROR_INSUFFICIENT_BUFFER) { init_buffer(&buffer, needed); diff --git a/source3/rpc_parse/parse_spoolss.c b/source3/rpc_parse/parse_spoolss.c index b0223d2803..bee8bae8cf 100644 --- a/source3/rpc_parse/parse_spoolss.c +++ b/source3/rpc_parse/parse_spoolss.c @@ -2434,7 +2434,7 @@ uint32 spoolss_size_printer_info_2(PRINTER_INFO_2 *info) size += 4; /* JRA !!!! TESTME - WHAT ABOUT prs_align.... !!! */ size += sec_desc_size( info->secdesc ); - + size+=size_of_device_mode( info->devmode ); size+=size_of_relative_string( &info->servername ); @@ -4581,6 +4581,10 @@ BOOL spoolss_io_r_enumprinterdata(char *desc, SPOOL_R_ENUMPRINTERDATA *r_u, prs_ return False; if(!prs_uint16s(False, "value", ps, depth, r_u->value, r_u->valuesize)) return False; + + if(!prs_align(ps)) + return False; + if(!prs_uint32("realvaluesize", ps, depth, &r_u->realvaluesize)) return False; @@ -4591,6 +4595,9 @@ BOOL spoolss_io_r_enumprinterdata(char *desc, SPOOL_R_ENUMPRINTERDATA *r_u, prs_ return False; if(!prs_uint8s(False, "data", ps, depth, r_u->data, r_u->datasize)) return False; + if(!prs_align(ps)) + return False; + if(!prs_uint32("realdatasize", ps, depth, &r_u->realdatasize)) return False; if(!prs_uint32("status", ps, depth, &r_u->status)) diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c index 7ed6dd80ce..00d5a4d7d1 100644 --- a/source3/rpcclient/cmd_spoolss.c +++ b/source3/rpcclient/cmd_spoolss.c @@ -149,12 +149,12 @@ uint32 cmd_spoolss_enum_printerdata(struct client_info *info, int argc, char *ar printer_name = srv_name; } - DEBUG(4,("spoolopen - printer: %s station: %s user: %s\n", printer_name, station, usr_creds->ntc.user_name)); + DEBUG(0,("spoolenumdata - printer: %s station: %s user: %s\n", printer_name, station, usr_creds->ntc.user_name)); if (msrpc_spoolss_enum_printerdata( printer_name, station, usr_creds->ntc.user_name)) { - DEBUG(5,("cmd_spoolss_enum_printerdata: query succeeded\n")); + DEBUG(0,("cmd_spoolss_enum_printerdata: query succeeded\n")); return NT_STATUS_NOPROBLEMO; } report(out_hnd, "FAILED\n"); |