summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h3
-rw-r--r--source3/smbd/process.c3
-rw-r--r--source3/smbd/reply.c4
3 files changed, 6 insertions, 4 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 6bb96e9fe3..64c76a04be 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -6167,7 +6167,8 @@ void error_to_writebrawerr(struct smb_request *req);
void reply_writebraw(struct smb_request *req);
void reply_writeunlock(struct smb_request *req);
void reply_write(struct smb_request *req);
-bool is_valid_writeX_buffer(const uint8_t *inbuf);
+bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
+ const uint8_t *inbuf);
void reply_write_and_X(struct smb_request *req);
void reply_lseek(struct smb_request *req);
void reply_flush(struct smb_request *req);
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 629465cc83..c4e13ecd6d 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -263,7 +263,8 @@ static NTSTATUS receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx,
* valid writeX call.
*/
- if (is_valid_writeX_buffer((uint8_t *)writeX_header)) {
+ if (is_valid_writeX_buffer(smbd_server_conn,
+ (uint8_t *)writeX_header)) {
/*
* If the data offset is beyond what
* we've read, drain the extra bytes.
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 1c7d0d2bcd..cf4efde013 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -4239,13 +4239,13 @@ strict_unlock:
(2*14) + /* word count (including bcc) */ \
1 /* pad byte */)
-bool is_valid_writeX_buffer(const uint8_t *inbuf)
+bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
+ const uint8_t *inbuf)
{
size_t numtowrite;
connection_struct *conn = NULL;
unsigned int doff = 0;
size_t len = smb_len_large(inbuf);
- struct smbd_server_connection *sconn = smbd_server_conn;
if (is_encrypted_packet(inbuf)) {
/* Can't do this on encrypted