summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-03-21 22:37:14 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-03-21 22:37:14 +0000
commitd2d29ea9530a5d7077cf0ee138f1f29095e5b496 (patch)
treeada5d2f0521e48c24f07e68a2721d32eb090b99a /source3/smbd
parentab25a258c0c5486e513f0ab5e04c1923e9355a26 (diff)
downloadsamba-d2d29ea9530a5d7077cf0ee138f1f29095e5b496.tar.gz
samba-d2d29ea9530a5d7077cf0ee138f1f29095e5b496.tar.bz2
samba-d2d29ea9530a5d7077cf0ee138f1f29095e5b496.zip
Clobber our SMB buffers between packets. I hope this will help find bugs
where we assume the buffer is zero, when it might not be (ie due to, previous packets). Andrew Bartlett (This used to be commit 191b0ab4d7c35c83d2bb2052b2e37d01fbf37b45)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/process.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 57bc236eef..c3fbc22e94 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -1249,12 +1249,16 @@ void smbd_process(void)
extern int smb_echo_count;
time_t last_timeout_processing_time = time(NULL);
unsigned int num_smbs = 0;
+ const size_t total_buffer_size = BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN;
- InBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN);
- OutBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN);
+ InBuffer = (char *)malloc(total_buffer_size);
+ OutBuffer = (char *)malloc(total_buffer_size);
if ((InBuffer == NULL) || (OutBuffer == NULL))
return;
+ clobber_region(__FUNCTION__, __LINE__, InBuffer, total_buffer_size);
+ clobber_region(__FUNCTION__, __LINE__, OutBuffer, total_buffer_size);
+
max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
while (True) {
@@ -1278,6 +1282,8 @@ void smbd_process(void)
num_smbs = 0; /* Reset smb counter. */
}
+ clobber_region(__FUNCTION__, __LINE__, InBuffer, total_buffer_size);
+
while (!receive_message_or_smb(InBuffer,BUFFER_SIZE+LARGE_WRITEX_HDR_SIZE,select_timeout)) {
if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time))
return;
@@ -1295,6 +1301,8 @@ void smbd_process(void)
*/
num_echos = smb_echo_count;
+ clobber_region(__FUNCTION__, __LINE__, OutBuffer, total_buffer_size);
+
process_smb(InBuffer, OutBuffer);
if (smb_echo_count != num_echos) {