summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h2
-rw-r--r--source3/smbd/process.c29
2 files changed, 22 insertions, 9 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 81cf2dbf4f..783688e486 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -10066,6 +10066,8 @@ struct idle_event *event_add_idle(struct event_context *event_ctx,
void *private_data);
NTSTATUS allow_new_trans(struct trans_state *list, int mid);
void respond_to_all_remaining_local_messages(void);
+bool create_outbuf(TALLOC_CTX *mem_ctx, const char *inbuf, char **outbuf,
+ uint8_t num_words, uint32_t num_bytes);
void reply_outbuf(struct smb_request *req, uint8 num_words, uint32 num_bytes);
const char *smb_fn_name(int type);
void add_to_common_flags2(uint32 v);
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 71e38634b7..da1165219b 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -1245,7 +1245,8 @@ static const struct smb_message_struct {
allocate and initialize a reply packet
********************************************************************/
-void reply_outbuf(struct smb_request *req, uint8 num_words, uint32 num_bytes)
+bool create_outbuf(TALLOC_CTX *mem_ctx, const char *inbuf, char **outbuf,
+ uint8_t num_words, uint32_t num_bytes)
{
/*
* Protect against integer wrap
@@ -1260,23 +1261,33 @@ void reply_outbuf(struct smb_request *req, uint8 num_words, uint32 num_bytes)
smb_panic(msg);
}
- if (!(req->outbuf = TALLOC_ARRAY(
- req, uint8,
- smb_size + num_words*2 + num_bytes))) {
- smb_panic("could not allocate output buffer\n");
+ *outbuf = TALLOC_ARRAY(mem_ctx, char,
+ smb_size + num_words*2 + num_bytes);
+ if (*outbuf == NULL) {
+ return false;
}
- construct_reply_common((char *)req->inbuf, (char *)req->outbuf);
- srv_set_message((char *)req->outbuf, num_words, num_bytes, false);
+ construct_reply_common(inbuf, *outbuf);
+ srv_set_message(*outbuf, num_words, num_bytes, false);
/*
* Zero out the word area, the caller has to take care of the bcc area
* himself
*/
if (num_words != 0) {
- memset(req->outbuf + smb_vwv0, 0, num_words*2);
+ memset(*outbuf + smb_vwv0, 0, num_words*2);
}
- return;
+ return true;
+}
+
+void reply_outbuf(struct smb_request *req, uint8 num_words, uint32 num_bytes)
+{
+ char *outbuf;
+ if (!create_outbuf(req, (char *)req->inbuf, &outbuf, num_words,
+ num_bytes)) {
+ smb_panic("could not allocate output buffer\n");
+ }
+ req->outbuf = (uint8_t *)outbuf;
}