summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/smbd/trans2.c33
1 files changed, 27 insertions, 6 deletions
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 8b4b36a7fa..3a1a1ca816 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -6882,11 +6882,22 @@ int reply_trans2(connection_struct *conn, char *inbuf,char *outbuf,
if ((state->received_param == state->total_param) &&
(state->received_data == state->total_data)) {
- struct smb_request req;
- init_smb_request(&req, (uint8 *)inbuf);
+ struct smb_request *req;
- outsize = handle_trans2(conn, &req, state, inbuf, outbuf,
+ if (!(req = talloc(tmp_talloc_ctx(), struct smb_request))) {
+ END_PROFILE(SMBtrans2);
+ return ERROR_NT(NT_STATUS_NO_MEMORY);
+ }
+
+ init_smb_request(req, (uint8 *)inbuf);
+
+ outsize = handle_trans2(conn, req, state, inbuf, outbuf,
size, bufsize);
+ if (req->outbuf != NULL) {
+ outsize = smb_len(req->outbuf) + 4;
+ memcpy(outbuf, req->outbuf, outsize);
+ }
+ TALLOC_FREE(req);
SAFE_FREE(state->data);
SAFE_FREE(state->param);
TALLOC_FREE(state);
@@ -6924,7 +6935,7 @@ int reply_transs2(connection_struct *conn,
int outsize = 0;
unsigned int pcnt,poff,dcnt,doff,pdisp,ddisp;
struct trans_state *state;
- struct smb_request req;
+ struct smb_request *req;
START_PROFILE(SMBtranss2);
@@ -7010,10 +7021,20 @@ int reply_transs2(connection_struct *conn,
*/
SCVAL(outbuf,smb_com,SMBtrans2);
- init_smb_request(&req, (uint8 *)inbuf);
+ if (!(req = talloc(tmp_talloc_ctx(), struct smb_request))) {
+ END_PROFILE(SMBtranss2);
+ return ERROR_NT(NT_STATUS_NO_MEMORY);
+ }
- outsize = handle_trans2(conn, &req, state, inbuf, outbuf, size,
+ init_smb_request(req, (uint8 *)inbuf);
+
+ outsize = handle_trans2(conn, req, state, inbuf, outbuf, size,
bufsize);
+ if (req->outbuf != NULL) {
+ outsize = smb_len(req->outbuf) + 4;
+ memcpy(outbuf, req->outbuf, outsize);
+ }
+ TALLOC_FREE(req);
DLIST_REMOVE(conn->pending_trans, state);
SAFE_FREE(state->data);