summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/torture/torture.c26
1 files changed, 23 insertions, 3 deletions
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 0db4630845..5ff7c3bb2d 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -1956,9 +1956,12 @@ static BOOL run_fdsesstest(int dummy)
struct cli_state *cli;
uint16 new_vuid;
uint16 saved_vuid;
+ uint16 new_cnum;
+ uint16 saved_cnum;
const char *fname = "\\fdsess.tst";
int fnum1;
pstring buf;
+ BOOL ret = True;
if (!torture_open_connection(&cli))
return False;
@@ -1967,6 +1970,12 @@ static BOOL run_fdsesstest(int dummy)
if (!torture_cli_session_setup2(cli, &new_vuid))
return False;
+ saved_cnum = cli->cnum;
+ if (!cli_send_tconX(cli, share, "?????", "", 1))
+ return False;
+ new_cnum = cli->cnum;
+ cli->cnum = saved_cnum;
+
printf("starting fdsesstest\n");
cli_unlink(cli, fname);
@@ -1986,18 +1995,29 @@ static BOOL run_fdsesstest(int dummy)
cli->vuid = new_vuid;
if (cli_read(cli, fnum1, buf, 0, 13) == 13) {
- printf("read succeeded! nasty security hole [%s]\n",
+ printf("read succeeded with different vuid! nasty security hole [%s]\n",
buf);
- return False;
+ ret = False;
+ }
+ cli->vuid = saved_vuid;
+
+ /* Try with same vuid, different cnum. */
+ cli->cnum = new_cnum;
+
+ if (cli_read(cli, fnum1, buf, 0, 13) == 13) {
+ printf("read succeeded with different cnum![%s]\n",
+ buf);
+ ret = False;
}
+ cli->cnum = saved_cnum;
cli_close(cli, fnum1);
cli_unlink(cli, fname);
torture_close_connection(cli);
printf("finished fdsesstest\n");
- return True;
+ return ret;
}
/*